From 3e6790044e2c2652f190d528b4403fbb3fa6e565 Mon Sep 17 00:00:00 2001
From: xXx-caillou-xXx
Date: Tue, 28 Aug 2018 14:38:46 +0200
Subject: Add a test for invalid regexp in cookie-related features

This should close #105 ---
 .../config_encrypted_regexp_cookies_bad_regexp.ini |  3 +++
 src/tests/encrypt_regexp_cookies_bad_regexp.phpt   | 27 ++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
 create mode 100644 src/tests/encrypt_regexp_cookies_bad_regexp.phpt

(limited to 'src/tests')

diff --git a/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
new file mode 100644
index 0000000..4fe92fd
--- /dev/null
+++ b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name_r("^super_co[a-z+$").encrypt();
+sp.auto_cookie_secure.enable();
diff --git a/src/tests/encrypt_regexp_cookies_bad_regexp.phpt b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt
new file mode 100644
index 0000000..b933aba
--- /dev/null
+++ b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Cookie decryption in ipv4
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies_bad_regexp.ini
+error_reporting=1
+--COOKIE--
+super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/59.0.3071.109 Chrome/59.0.3071.109 Safari/537.36
+EOF;
+--FILE--
+<?php var_dump($_COOKIE); ?>
+--EXPECT--
+array(2) {
+  ["super_cookie"]=>
+  string(92) "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM="
+  ["awful_cookie"]=>
+  string(18) "awful_cookie_value"
+}
+
+Fatal error: [snuffleupagus][config] Failed to compile '^super_co[a-z+$': missing terminating ] for character class on line 2. in Unknown on line 0
+
+Fatal error: [snuffleupagus][config] '.name_r()' is expecting a valid regexp, and not '"^super_co[a-z+$"' on line 2 in Unknown on line 0
-- 
cgit v1.3