From 713cb08b58d4e5dd5e7e80b1f82e27cbe52d4381 Mon Sep 17 00:00:00 2001 From: Ben Fuhrmannek Date: Thu, 11 Nov 2021 13:15:52 +0100 Subject: inverted logic. set xxe_protection.enable() instead of disable_xxe.disable() --- src/tests/xxe/config/disable_xxe.ini | 2 +- src/tests/xxe/config/disable_xxe_disable.ini | 2 +- src/tests/xxe/disable_xxe_dom_disabled.phpt | 4 ++-- src/tests/xxe/disable_xxe_simplexml.phpt | 3 ++- src/tests/xxe/disable_xxe_simplexml_oop.phpt | 3 ++- src/tests/xxe/disable_xxe_xml_parse.phpt | 5 ++++- 6 files changed, 12 insertions(+), 7 deletions(-) (limited to 'src/tests/xxe') diff --git a/src/tests/xxe/config/disable_xxe.ini b/src/tests/xxe/config/disable_xxe.ini index bc9d1f2..a50a3b9 100644 --- a/src/tests/xxe/config/disable_xxe.ini +++ b/src/tests/xxe/config/disable_xxe.ini @@ -1 +1 @@ -sp.disable_xxe.enable(); +sp.xxe_protection.enable(); diff --git a/src/tests/xxe/config/disable_xxe_disable.ini b/src/tests/xxe/config/disable_xxe_disable.ini index bb1e432..eaf5755 100644 --- a/src/tests/xxe/config/disable_xxe_disable.ini +++ b/src/tests/xxe/config/disable_xxe_disable.ini @@ -1 +1 @@ -sp.disable_xxe.disable(); +sp.xxe_protection.disable(); diff --git a/src/tests/xxe/disable_xxe_dom_disabled.phpt b/src/tests/xxe/disable_xxe_dom_disabled.phpt index a49e094..107171c 100644 --- a/src/tests/xxe/disable_xxe_dom_disabled.phpt +++ b/src/tests/xxe/disable_xxe_dom_disabled.phpt @@ -1,10 +1,10 @@ --TEST-- -Disable XXE +Disable XXE (feature enabled) --SKIPIF-- = 80000) print "skip"; ?> --INI-- -sp.configuration_file={PWD}/config/disable_xxe_disable.ini +sp.configuration_file={PWD}/config/disable_xxe.ini --EXTENSIONS-- dom --FILE-- diff --git a/src/tests/xxe/disable_xxe_simplexml.phpt b/src/tests/xxe/disable_xxe_simplexml.phpt index 1d3ef4c..9560156 100644 --- a/src/tests/xxe/disable_xxe_simplexml.phpt +++ b/src/tests/xxe/disable_xxe_simplexml.phpt @@ -2,8 +2,9 @@ Disable XXE --SKIPIF-- += 80000) print "skip"; ?> --INI-- -sp.configuration_file={PWD}/config/disable_xxe.ini +sp.configuration_file={PWD}/config/disable_xxe_disable.ini --EXTENSIONS-- simplexml --XFAIL-- diff --git a/src/tests/xxe/disable_xxe_simplexml_oop.phpt b/src/tests/xxe/disable_xxe_simplexml_oop.phpt index e101337..1b2c4ca 100644 --- a/src/tests/xxe/disable_xxe_simplexml_oop.phpt +++ b/src/tests/xxe/disable_xxe_simplexml_oop.phpt @@ -2,8 +2,9 @@ Disable XXE --SKIPIF-- += 80000) print "skip"; ?> --INI-- -sp.configuration_file={PWD}/config/disable_xxe.ini +sp.configuration_file={PWD}/config/disable_xxe_disable.ini --EXTENSIONS-- simplexml --XFAIL-- diff --git a/src/tests/xxe/disable_xxe_xml_parse.phpt b/src/tests/xxe/disable_xxe_xml_parse.phpt index 6b48bea..bc7e338 100644 --- a/src/tests/xxe/disable_xxe_xml_parse.phpt +++ b/src/tests/xxe/disable_xxe_xml_parse.phpt @@ -70,7 +70,8 @@ $parser = create_parser(); $doc = xml_parse($parser, $xml, true); xml_parser_free($parser); ---EXPECT-- +--EXPECTF-- +Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %a.php on line 41 string(4) "TEST" array(0) { @@ -81,6 +82,8 @@ array(0) { } string(7) "TESTING" string(4) "TEST" + +Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %a.php on line 46 string(4) "TEST" array(0) { -- cgit v1.3 From 0be11fcc6e73f7e35bf2f3b884676413f5522cf1 Mon Sep 17 00:00:00 2001 From: Ben Fuhrmannek Date: Thu, 11 Nov 2021 13:32:07 +0100 Subject: more tests for xxe + optional xml support --- src/sp_disable_xxe.c | 7 +++ src/tests/xxe/disable_xxe_dom_disabled_php8.phpt | 57 +++++++++++++++++++++++ src/tests/xxe/disable_xxe_dom_php8.phpt | 59 ++++++++++++++++++++++++ 3 files changed, 123 insertions(+) create mode 100644 src/tests/xxe/disable_xxe_dom_disabled_php8.phpt create mode 100644 src/tests/xxe/disable_xxe_dom_php8.phpt (limited to 'src/tests/xxe') diff --git a/src/sp_disable_xxe.c b/src/sp_disable_xxe.c index 7db2451..b6030c6 100644 --- a/src/sp_disable_xxe.c +++ b/src/sp_disable_xxe.c @@ -1,5 +1,7 @@ #include "php_snuffleupagus.h" +#ifdef HAVE_XML + PHP_FUNCTION(sp_libxml_disable_entity_loader) { sp_log_warn("xxe", "A call to libxml_disable_entity_loader was tried and nopped"); @@ -39,3 +41,8 @@ int hook_libxml_disable_entity_loader() { return SUCCESS; } +#else +int hook_libxml_disable_entity_loader() { + sp_log_warn("xxe", "Cannot enable XXE protection. XML support is disabled in PHP."); +} +#endif \ No newline at end of file diff --git a/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt new file mode 100644 index 0000000..01e3349 --- /dev/null +++ b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt @@ -0,0 +1,57 @@ +--TEST-- +Disable XXE (feature disabled) +--SKIPIF-- + + +--INI-- +sp.configuration_file={PWD}/config/disable_xxe_disable.ini +--EXTENSIONS-- +dom +--FILE-- +WARNING, external entity loaded!'; +file_put_contents($dir . '/content.txt', $content); + +$xml = << + +]> +&foo; +EOD; + +file_put_contents($dir . '/content.xml', $xml); + + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT); +printf("default setting with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD); +printf("default setting without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +libxml_set_external_entity_loader(null); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT); +printf("disabled entity loader with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD); +printf("disabled entity loader without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +?> +--EXPECTF-- +default setting with LIBXML_NOENT: WARNING, external entity loaded! +default setting without LIBXML_NOENT: +disabled entity loader with LIBXML_NOENT: WARNING, external entity loaded! +disabled entity loader without LIBXML_NOENT: +--CLEAN-- + diff --git a/src/tests/xxe/disable_xxe_dom_php8.phpt b/src/tests/xxe/disable_xxe_dom_php8.phpt new file mode 100644 index 0000000..485828f --- /dev/null +++ b/src/tests/xxe/disable_xxe_dom_php8.phpt @@ -0,0 +1,59 @@ +--TEST-- +Disable XXE (feature enabled) +--SKIPIF-- + + +--INI-- +sp.configuration_file={PWD}/config/disable_xxe.ini +--EXTENSIONS-- +dom +--FILE-- +WARNING, external entity loaded!'; +file_put_contents($dir . '/content.txt', $content); + +$xml = << + +]> +&foo; +EOD; + +file_put_contents($dir . '/content.xml', $xml); + + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT); +printf("default setting with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD); +printf("default setting without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +libxml_set_external_entity_loader(null); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT); +printf("disabled entity loader with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +$dom = new DOMDocument('1.0'); +$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD); +printf("disabled entity loader without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue); + +?> +--EXPECTF-- +default setting with LIBXML_NOENT: WARNING, external entity loaded! +default setting without LIBXML_NOENT: + +Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_set_external_entity_loader was tried and nopped in %a.php on line 26 +disabled entity loader with LIBXML_NOENT: WARNING, external entity loaded! +disabled entity loader without LIBXML_NOENT: +--CLEAN-- + -- cgit v1.3