From 3b113be573cdbca20ce9ec9c0a6efb25ccf51db5 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Thu, 4 Jan 2018 15:59:59 +0100 Subject: Eval blacklist Add support for eval filtering, only blacklist for now--- src/tests/config/eval_backlist.ini | 1 + src/tests/config/eval_backlist_list.ini | 1 + src/tests/config/eval_backlist_simulation.ini | 1 + src/tests/eval_backlist.phpt | 16 +++++++++++++++ src/tests/eval_backlist_list.phpt | 16 +++++++++++++++ src/tests/eval_backlist_simulation.phpt | 17 ++++++++++++++++ src/tests/nested_eval_blacklist.phpt | 28 +++++++++++++++++++++++++++ 7 files changed, 80 insertions(+) create mode 100644 src/tests/config/eval_backlist.ini create mode 100644 src/tests/config/eval_backlist_list.ini create mode 100644 src/tests/config/eval_backlist_simulation.ini create mode 100644 src/tests/eval_backlist.phpt create mode 100644 src/tests/eval_backlist_list.phpt create mode 100644 src/tests/eval_backlist_simulation.phpt create mode 100644 src/tests/nested_eval_blacklist.phpt (limited to 'src/tests')
diff --git a/src/tests/config/eval_backlist.ini b/src/tests/config/eval_backlist.ini
new file mode 100644
index 0000000..1e34b5b
--- /dev/null
+++ b/src/tests/config/eval_backlist.ini
@@ -0,0 +1 @@
+sp.eval_filter.blacklist("strlen");
diff --git a/src/tests/config/eval_backlist_list.ini b/src/tests/config/eval_backlist_list.ini
new file mode 100644
index 0000000..da5650d
--- /dev/null
+++ b/src/tests/config/eval_backlist_list.ini
@@ -0,0 +1 @@
+sp.eval_filter.blacklist("strcmp,strlen");
diff --git a/src/tests/config/eval_backlist_simulation.ini b/src/tests/config/eval_backlist_simulation.ini
new file mode 100644
index 0000000..fafebd5
--- /dev/null
+++ b/src/tests/config/eval_backlist_simulation.ini
@@ -0,0 +1 @@
+sp.eval_filter.blacklist("strlen").simulation();
diff --git a/src/tests/eval_backlist.phpt b/src/tests/eval_backlist.phpt
new file mode 100644
index 0000000..20b2c92
--- /dev/null
+++ b/src/tests/eval_backlist.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Eval blacklist
+--SKIPIF--
+
+--INI--
+sp.configuration_file={PWD}/config/eval_backlist.ini
+--FILE--
+
+--EXPECTF--
+Outside of eval: 14
+[snuffleupagus][0.0.0.0][eval][drop] A call to strlen was tried in eval, in%atests/eval_backlist.php:1, dropping it.
diff --git a/src/tests/eval_backlist_list.phpt b/src/tests/eval_backlist_list.phpt
new file mode 100644
index 0000000..b1c7bfd
--- /dev/null
+++ b/src/tests/eval_backlist_list.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Eval blacklist - with a list of functions
+--SKIPIF--
+
+--INI--
+sp.configuration_file={PWD}/config/eval_backlist_list.ini
+--FILE--
+
+--EXPECTF--
+Outside of eval: 14
+[snuffleupagus][0.0.0.0][eval][drop] A call to strlen was tried in eval, in %a/tests/eval_backlist_list.php:1, dropping it.
diff --git a/src/tests/eval_backlist_simulation.phpt b/src/tests/eval_backlist_simulation.phpt
new file mode 100644
index 0000000..ddeae60
--- /dev/null
+++ b/src/tests/eval_backlist_simulation.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Eval blacklist
+--SKIPIF--
+
+--INI--
+sp.configuration_file={PWD}/config/eval_backlist_simulation.ini
+--FILE--
+
+--EXPECTF--
+Outside of eval: 14
+[snuffleupagus][0.0.0.0][eval][simulation] A call to strlen was tried in eval, in %a/tests/eval_backlist_simulation.php:1, dropping it.
+After eval: 4
diff --git a/src/tests/nested_eval_blacklist.phpt b/src/tests/nested_eval_blacklist.phpt
new file mode 100644
index 0000000..b12bf93
--- /dev/null
+++ b/src/tests/nested_eval_blacklist.phpt
@@ -0,0 +1,28 @@
+--TEST--
+Eval blacklist - nested eval
+--SKIPIF--
+
+--INI--
+sp.configuration_file={PWD}/config/eval_backlist.ini
+--FILE--
+
+--EXPECTF--
+Outside of eval: 14
+Inception lvl 1...
+Inception lvl 2...
+Inception lvl 3...
+[snuffleupagus][0.0.0.0][eval][drop] A call to strlen was tried in eval, in %a/tests/nested_eval_blacklist.php(5) : eval()'d code(4) : eval()'d code:3, dropping it.
-- cgit v1.3
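Review bot: The `--EXPECTF--` line in src/tests/eval_backlist.phpt matches the location with `in%atests/eval_backlist.php:1`, whereas the other three tests in this patch use `in %a/tests/<name>.php:1`. Because `%a` absorbs arbitrary text, the looser form would presumably still pass if the log message lost the space after `in` or the path separator before `tests`. I would align it with its siblings: `... was tried in eval, in %a/tests/eval_backlist.php:1, dropping it.`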
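Review bot: src/tests/eval_backlist_list.phpt loads `sp.eval_filter.blacklist("strcmp,strlen")`, but its expected output only shows `strlen` being dropped, so nothing visible here proves that `strcmp`, the first list entry, is enforced. A list parser that kept only the last entry would still pass this test. The `--FILE--` body is not visible on this page, so this is judged from the `--EXPECTF--` section alone. Drop mode appears to stop the script at the first hit (there is no `After eval` line), so a sibling test using the same config, whose eval'd code calls `strcmp` and expects `A call to strcmp was tried in eval`, would cover the gap.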
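Review bot: The expected simulation-mode log line in src/tests/eval_backlist_simulation.phpt still ends with `dropping it.`, yet the `After eval: 4` line that follows suggests the call was allowed to run. Pinning that wording in a test means anyone triaging these logs while tuning a policy is told a call was blocked when it was not. The message is produced outside this patch (the page is limited to `src/tests`), so the wording fix belongs there, with the expectation here updated to match, for example `..., logging it.`. The `--TEST--` title also duplicates the one in eval_backlist.phpt; `Eval blacklist - simulation mode` would tell the two apart in test reports.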