From 5329a55bfd2b00d617a40d587cd37050d964ccbf Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 12 Dec 2020 18:57:48 +0000
Subject: Mark the relevant php8 tests as broken (#359)

* Skip tests broken on php8

* Oops

* Fix some tests

* Add some XXE tests for php8

* Fix a test
---
 src/tests/xxe/disable_xxe_dom.phpt               |  38 ++++----
 src/tests/xxe/disable_xxe_dom_disabled.phpt      |   1 +
 src/tests/xxe/disable_xxe_dom_disabled_php8.phpt |  60 +++++++++++++
 src/tests/xxe/disable_xxe_xml_parse.phpt         |   1 +
 src/tests/xxe/disable_xxe_xml_parse_php8.phpt    | 106 +++++++++++++++++++++++
 5 files changed, 190 insertions(+), 16 deletions(-)
 create mode 100644 src/tests/xxe/disable_xxe_dom_disabled_php8.phpt
 create mode 100644 src/tests/xxe/disable_xxe_xml_parse_php8.phpt

(limited to 'src/tests/xxe')

diff --git a/src/tests/xxe/disable_xxe_dom.phpt b/src/tests/xxe/disable_xxe_dom.phpt
index 58467f7..99ed572 100644
--- a/src/tests/xxe/disable_xxe_dom.phpt
+++ b/src/tests/xxe/disable_xxe_dom.phpt
@@ -1,7 +1,8 @@
 --TEST--
-Disable XXE
+Disable XXE, in php8
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/disable_xxe.ini
 --EXTENSIONS--
@@ -41,29 +42,34 @@ $dom = new DOMDocument('1.0');
 $dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
 printf("without xxe: %s", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
 
+?>
+--CLEAN--
+<?php
+$dir = __DIR__;
+unlink($dir . "content.xml");
+unlink($dir . "content.txt");
 ?>
 --EXPECTF--
-Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file://%a/content.txt" in %a/disable_xxe_dom.php on line %d
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom.php on line %d
 
-Warning: DOMDocument::loadXML(): Failure to process entity foo in Entity, line: %d in %a/disable_xxe_dom.php on line %d
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file://%s/tests/xxe/content.txt" in /var/www/html/snuffleupagus/src/tests/xxe/disable_xxe_dom.php on line %d
 
-Warning: DOMDocument::loadXML(): Entity 'foo' not defined in Entity, line: %d in %a/disable_xxe_dom.php on line %d
+Warning: DOMDocument::loadXML(): Failure to process entity foo in Entity, line: 6 in %s/tests/xxe/disable_xxe_dom.php on line %d
 
-Notice: Trying to get property %a in %a/disable_xxe_dom.php on line %d
+Warning: DOMDocument::loadXML(): Entity 'foo' not defined in Entity, line: 6 in %s/tests/xxe/disable_xxe_dom.php on line %d
+
+Warning: Attempt to read property "nodeValue" on null in %s/tests/xxe/disable_xxe_dom.php on line %d
 libxml_disable_entity to true: 
 
-Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file://%a/content.txt" in %a/disable_xxe_dom.php on line %d
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom.php on line %d
+
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file://%s/tests/xxe/content.txt" in /var/www/html/snuffleupagus/src/tests/xxe/disable_xxe_dom.php on line %d
 
-Warning: DOMDocument::loadXML(): Failure to process entity foo in Entity, line: %d in %a/disable_xxe_dom.php on line %d
+Warning: DOMDocument::loadXML(): Failure to process entity foo in Entity, line: 6 in %s/tests/xxe/disable_xxe_dom.php on line %d
 
-Warning: DOMDocument::loadXML(): Entity 'foo' not defined in Entity, line: %d in %a/disable_xxe_dom.php on line %d
+Warning: DOMDocument::loadXML(): Entity 'foo' not defined in Entity, line: 6 in %s/tests/xxe/disable_xxe_dom.php on line %d
 
-Notice: Trying to get property %a in %a/disable_xxe_dom.php on line %d
+Warning: Attempt to read property "nodeValue" on null in %s/tests/xxe/disable_xxe_dom.php on line %d
 libxml_disable_entity to false: 
-without xxe: foo
---CLEAN--
-<?php
-$dir = __DIR__;
-unlink($dir . "content.xml");
-unlink($dir . "content.txt");
-?>
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom.php on line %d
diff --git a/src/tests/xxe/disable_xxe_dom_disabled.phpt b/src/tests/xxe/disable_xxe_dom_disabled.phpt
index fe88d76..493f5a3 100644
--- a/src/tests/xxe/disable_xxe_dom_disabled.phpt
+++ b/src/tests/xxe/disable_xxe_dom_disabled.phpt
@@ -2,6 +2,7 @@
 Disable XXE
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/disable_xxe_disable.ini
 --EXTENSIONS--
diff --git a/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt
new file mode 100644
index 0000000..c0db7fc
--- /dev/null
+++ b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt
@@ -0,0 +1,60 @@
+--TEST--
+Disable XXE in php8
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disable_xxe_disable.ini
+--EXTENSIONS--
+dom
+--FILE--
+<?php 
+$dir = __DIR__;
+$content = '<content>WARNING, external entity loaded!</content>';
+file_put_contents($dir . '/content.txt', $content);
+
+$xml = <<<EOD
+<?xml version="1.0"?>
+<!DOCTYPE root
+[
+<!ENTITY foo SYSTEM "file://$dir/content.txt">
+]>
+<test><testing>&foo;</testing></test>
+EOD;
+
+file_put_contents($dir . '/content.xml', $xml);
+
+libxml_disable_entity_loader(true);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("libxml_disable_entity to true: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+
+libxml_disable_entity_loader(false);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("libxml_disable_entity to false: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+
+$xml = "<test><testing>foo</testing></test>";
+file_put_contents('content.xml', $xml);
+
+libxml_disable_entity_loader(false);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("without xxe: %s", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+
+?>
+--CLEAN--
+<?php
+$dir = __DIR__;
+unlink($dir . "/content.xml");
+unlink($dir . "/content.txt");
+?>
+--EXPECTF-- 
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
+libxml_disable_entity to true: WARNING, external entity loaded!
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
+libxml_disable_entity to false: WARNING, external entity loaded!
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
+
diff --git a/src/tests/xxe/disable_xxe_xml_parse.phpt b/src/tests/xxe/disable_xxe_xml_parse.phpt
index b6dec2d..6b48bea 100644
--- a/src/tests/xxe/disable_xxe_xml_parse.phpt
+++ b/src/tests/xxe/disable_xxe_xml_parse.phpt
@@ -8,6 +8,7 @@ Disable XXE in xml_parse
   echo "skip because the `xml` extension isn't loaded";
 }
  ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --EXTENSIONS--
 xml
 --INI--
diff --git a/src/tests/xxe/disable_xxe_xml_parse_php8.phpt b/src/tests/xxe/disable_xxe_xml_parse_php8.phpt
new file mode 100644
index 0000000..4a8622a
--- /dev/null
+++ b/src/tests/xxe/disable_xxe_xml_parse_php8.phpt
@@ -0,0 +1,106 @@
+--TEST--
+Disable XXE in xml_parse, in php8
+--SKIPIF--
+<?php
+ if (!extension_loaded("snuffleupagus")) {
+  echo "skip because snuffleupagus isn't loaded";
+} elseif (!extension_loaded("xml")) {
+  echo "skip because the `xml` extension isn't loaded";
+}
+?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--EXTENSIONS--
+xml
+--INI--
+sp.configuration_file={PWD}/config/disable_xxe.ini
+--FILE--
+<?php 
+$dir = __DIR__;
+$content = 'WARNING, external entity loaded!';
+file_put_contents('content.txt', $content);
+
+$xml = <<<EOD
+<?xml version="1.0"?>
+<!DOCTYPE root
+[
+<!ENTITY foo SYSTEM "file://$dir/content.txt">
+]>
+<test><testing>&foo;</testing></test>
+EOD;
+
+file_put_contents('content.xml', $xml);
+
+function create_parser() {
+	$parser = xml_parser_create();
+	xml_set_element_handler(
+		$parser,
+		function($parser, $name, array $attributes) {
+			var_dump($name);
+			echo "\n";
+			var_dump($attributes);
+		},
+		function($parser, $name) {
+			var_dump($name);
+		}
+	);
+
+	xml_set_character_data_handler(
+		$parser,
+		function ($parser, $text){
+			echo 'text' . $text;
+		}
+	);
+
+	return $parser;
+}
+
+libxml_disable_entity_loader(true);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+libxml_disable_entity_loader(false);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+$xml = "<test><testing>foo</testing></test>";
+file_put_contents('content.xml', $xml);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+--EXPECTF--
+	Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_xml_parse.php on line 41
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+string(7) "TESTING"
+string(4) "TEST"
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s/tests/xxe/disable_xxe_xml_parse.php on line 46
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+string(7) "TESTING"
+string(4) "TEST"
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+textfoostring(7) "TESTING"
+
-- 
cgit v1.3