authorLior Kaplan <kaplanlior@gmail.com>2014-08-25 00:29:05 +0300
committerLior Kaplan <kaplanlior@gmail.com>2014-08-25 00:29:05 +0300
commitbda1cc69468c44ada683cfa52350f8bf28a068ec (patch)
treef7e7f82f1c6c064c0d100d34032da983b904cf40
parentcb41a7bad1350f1c9bd162abf52eea128a395e0a (diff)
downloadphp-git-bda1cc69468c44ada683cfa52350f8bf28a068ec.tar.gz
Bug #67730: Add tests by Ryan Mauger <ryan@rmauger.co.uk>
-rw-r--r--ext/gd/tests/imagegd2_nullbyte_injection.phpt31
-rw-r--r--ext/gd/tests/imagegd_nullbyte_injection.phpt31
-rw-r--r--ext/gd/tests/imagegif_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagejpeg_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagepng_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagewbmp_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagewebp_nullbyte_injection.phpt38
7 files changed, 252 insertions, 0 deletions
diff --git a/ext/gd/tests/imagegd2_nullbyte_injection.phpt b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
new file mode 100644
index 0000000000..49affefb96
--- /dev/null
+++ b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing null byte injection in imagegd2
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegd2 TEST\n";
+imagegd2($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegd2 TEST
+
+Warning: imagegd2() expects parameter 2 to be a valid path, string given in %s on line %d
+bool(false)
+bool(false)
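Review bot: The `--CLEAN--` section has no `<?php` opening tag, so when run-tests executes it as a script the three lines are emitted as literal text and nothing is deleted. The `php-gdtest` directory is therefore left behind in the system temp dir after the run. Start the section with `<?php` so the `unlink()` and `rmdir()` calls actually execute. The same section is repeated verbatim in the imagegd, imagegif, imagejpeg, imagepng, imagewbmp and imagewebp tests in this commit.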
diff --git a/ext/gd/tests/imagegd_nullbyte_injection.phpt b/ext/gd/tests/imagegd_nullbyte_injection.phpt
new file mode 100644
index 0000000000..a423a551fd
--- /dev/null
+++ b/ext/gd/tests/imagegd_nullbyte_injection.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing null byte injection in imagegd
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegd TEST\n";
+imagegd($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegd TEST
+
+Warning: imagegd() expects parameter 2 to be a valid path, string given in %s on line %d
+bool(false)
+bool(false)
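Review bot: This test has no `--SKIPIF--` section, so on a build without the gd extension `imagecreate()` is undefined and the test fails with a fatal error instead of being skipped. Add a `--SKIPIF--` section containing `<?php if (!extension_loaded('gd')) die('skip gd extension not available'); ?>`. imagegd2_nullbyte_injection.phpt has the same gap, and the five format-specific tests call `gd_info()` in their SKIPIF without this guard.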
diff --git a/ext/gd/tests/imagegif_nullbyte_injection.phpt b/ext/gd/tests/imagegif_nullbyte_injection.phpt
new file mode 100644
index 0000000000..c3d0c30175
--- /dev/null
+++ b/ext/gd/tests/imagegif_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagegif
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['GIF Create Support']) || $support['GIF Create Support'] === false) {
+ print 'skip gif support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegif TEST\n";
+imagegif($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegif TEST
+
+Warning: imagegif(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
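Review bot: The scratch directory has a fixed name, `php-gdtest`, under `sys_get_temp_dir()`; it is created with mode `0777` and shared by all seven tests in this commit, each of which unlinks `test*` inside it. A pre-existing entry of that name owned by another user, or two of these tests running at the same time, can change what the `file_exists()` checks observe. A per-test directory next to the test file, e.g. `$tempdir = __DIR__ . '/imagegif_nullbyte_injection';` created with `mkdir($tempdir, 0700)`, keeps the assertions independent of the shared temp dir.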
diff --git a/ext/gd/tests/imagejpeg_nullbyte_injection.phpt b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
new file mode 100644
index 0000000000..9c52355011
--- /dev/null
+++ b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagejpeg
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['JPEG Support']) || $support['JPEG Support'] === false) {
+ print 'skip jpeg support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagejpeg TEST\n";
+imagejpeg($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagejpeg TEST
+
+Warning: imagejpeg(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagepng_nullbyte_injection.phpt b/ext/gd/tests/imagepng_nullbyte_injection.phpt
new file mode 100644
index 0000000000..13949dca0d
--- /dev/null
+++ b/ext/gd/tests/imagepng_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagepng
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['PNG Support']) || $support['PNG Support'] === false) {
+ print 'skip png support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagepng TEST\n";
+imagepng($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagepng TEST
+
+Warning: imagepng(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagewbmp_nullbyte_injection.phpt b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
new file mode 100644
index 0000000000..f199626389
--- /dev/null
+++ b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagewbmp
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['WBMP Support']) || $support['WBMP Support'] === false) {
+ print 'skip wbmp support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagewbmp TEST\n";
+imagewbmp($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagewbmp TEST
+
+Warning: imagewbmp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagewebp_nullbyte_injection.phpt b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
new file mode 100644
index 0000000000..3bd632591b
--- /dev/null
+++ b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagewebp
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['WEBP Support']) || $support['WEBP Support'] === false) {
+ print 'skip webp support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagewebp TEST\n";
+imagewebp($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagewbmp TEST
+
+Warning: imagewebp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
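Review bot: The first `--EXPECTF--` line reads `imagewbmp TEST`, but the script echoes `imagewebp TEST`, so the test fails whenever it is not skipped; the expected line should be `imagewebp TEST`. The `gd_info()` key used in SKIPIF should also be confirmed. If the array reports WebP under a different spelling than `'WEBP Support'`, the `isset()` check always skips the test and hides this mismatch.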