From dce966ffec7dfdae2b701d581d71df6a5a542db9 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Sun, 8 Aug 2021 15:55:06 +0200
Subject: fixed enable/disable logic
---
 src/tests/upload_validation/upload_validation.phpt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/tests/upload_validation')
diff --git a/src/tests/upload_validation/upload_validation.phpt b/src/tests/upload_validation/upload_validation.phpt
index 965d3aa..810c23d 100644
--- a/src/tests/upload_validation/upload_validation.phpt
+++ b/src/tests/upload_validation/upload_validation.phpt
@@ -15,4 +15,4 @@ echo 1;
 --EXPECTF--
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 
-Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (tests/upload_ko.sh) doesn't exist on line 1 in Unknown on line 0
-- cgit v1.3
From 2863344b21977bb5b1df276b2f17e2ac9572e42a Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Mon, 20 Dec 2021 18:00:34 +0100
Subject: removed upload script x-bit check at load time, thus allowing root-user to execute test cases
---
 src/sp_config_keywords.c | 3 ---
 src/tests/upload_validation/upload_validation_no_exec.phpt | 7 ++++---
 2 files changed, 4 insertions(+), 6 deletions(-)
(limited to 'src/tests/upload_validation')
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index cbe4966..138da75 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -429,9 +429,6 @@ SP_PARSE_FN(parse_upload_validation) {
 } else if (-1 == access(ZSTR_VAL(cfg->script), F_OK)) {
 sp_log_err("config", "The `script` (%s) doesn't exist on line %zu", ZSTR_VAL(cfg->script), parsed_rule->lineno);
 return SP_PARSER_ERROR;
- } else if (-1 == access(ZSTR_VAL(cfg->script), X_OK)) {
- sp_log_err("config", "The `script` (%s) isn't executable on line %zu", ZSTR_VAL(cfg->script), parsed_rule->lineno);
- return SP_PARSER_ERROR;
 }
 
 return SP_PARSER_STOP;
diff --git a/src/tests/upload_validation/upload_validation_no_exec.phpt b/src/tests/upload_validation/upload_validation_no_exec.phpt
index b198bda..ff3dc14 100644
--- a/src/tests/upload_validation/upload_validation_no_exec.phpt
+++ b/src/tests/upload_validation/upload_validation_no_exec.phpt
@@ -4,6 +4,7 @@ Upload a file, validation script not executable
 file_uploads=1
 sp.configuration_file={PWD}/config/upload_validation_non_exec.ini
 output_buffering=off
+expose_php=0
 --POST_RAW--
 Content-Type: multipart/form-data; boundary=blabla
 --blabla
@@ -14,6 +15,6 @@ Content-Disposition: form-data; name="test"; filename="test.php"
 var_dump($_FILES);
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-
-Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (tests/data/upload_no_exec.sh) isn't executable on line 1 in Unknown on line 0
+Warning: [snuffleupagus][0.0.0.0][upload_validation][log] Could not call '%s' : Permission denied %s
+%a
+Fatal error: [snuffleupagus][0.0.0.0][upload_validation][drop] The upload %s was rejected. in Unknown on line 0
-- cgit v1.3
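Review bot: A validation `script` that exists but lacks execute permission now passes `parse_upload_validation` without any signal and is only detected when the first upload reaches the validator, so the misconfiguration surfaces late and only in the upload log. The updated `upload_validation_no_exec.phpt` shows that case ending in `[drop]`, which is fail-closed; whether it stays fail-closed when the rule is not in blocking mode is not visible in this hunk and would be worth a test. I would record the intent next to the remaining `F_OK` branch, e.g. `/* Executability is intentionally not checked at load time; a script that cannot be run is handled when the validator is invoked and the upload is dropped. */`, so the check is neither re-added nor assumed by a later reader. The function body starts before and continues after this hunk.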