summaryrefslogtreecommitdiff
path: root/ext
diff options
context:
space:
mode:
authorLior Kaplan <kaplanlior@gmail.com>2014-08-25 00:31:10 +0300
committerLior Kaplan <kaplanlior@gmail.com>2014-08-25 00:31:10 +0300
commit0cf2dbdf58645b52cb6582b1b2571c5cd9e9e6b3 (patch)
tree66a416415e00414ba4da6b175e89f5f1f0d9ab42 /ext
parent80a3b9ca4089f6b6d18aa700e611eff2530ebb3d (diff)
parent6e87b01e95e559a1b83417d8a08d2ef51b58c5ee (diff)
downloadphp-git-0cf2dbdf58645b52cb6582b1b2571c5cd9e9e6b3.tar.gz
Merge branch 'PHP-5.6'
* PHP-5.6: Bug #67730: Add tests by Ryan Mauger <ryan@rmauger.co.uk>
Diffstat (limited to 'ext')
-rw-r--r--ext/gd/tests/imagegd2_nullbyte_injection.phpt31
-rw-r--r--ext/gd/tests/imagegd_nullbyte_injection.phpt31
-rw-r--r--ext/gd/tests/imagegif_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagejpeg_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagepng_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagewbmp_nullbyte_injection.phpt38
-rw-r--r--ext/gd/tests/imagewebp_nullbyte_injection.phpt38
7 files changed, 252 insertions, 0 deletions
diff --git a/ext/gd/tests/imagegd2_nullbyte_injection.phpt b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
new file mode 100644
index 0000000000..49affefb96
--- /dev/null
+++ b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing null byte injection in imagegd2
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegd2 TEST\n";
+imagegd2($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegd2 TEST
+
+Warning: imagegd2() expects parameter 2 to be a valid path, string given in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagegd_nullbyte_injection.phpt b/ext/gd/tests/imagegd_nullbyte_injection.phpt
new file mode 100644
index 0000000000..a423a551fd
--- /dev/null
+++ b/ext/gd/tests/imagegd_nullbyte_injection.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing null byte injection in imagegd
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegd TEST\n";
+imagegd($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegd TEST
+
+Warning: imagegd() expects parameter 2 to be a valid path, string given in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagegif_nullbyte_injection.phpt b/ext/gd/tests/imagegif_nullbyte_injection.phpt
new file mode 100644
index 0000000000..c3d0c30175
--- /dev/null
+++ b/ext/gd/tests/imagegif_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagegif
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['GIF Create Support']) || $support['GIF Create Support'] === false) {
+ print 'skip gif support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagegif TEST\n";
+imagegif($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagegif TEST
+
+Warning: imagegif(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagejpeg_nullbyte_injection.phpt b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
new file mode 100644
index 0000000000..9c52355011
--- /dev/null
+++ b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagejpeg
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['JPEG Support']) || $support['JPEG Support'] === false) {
+ print 'skip jpeg support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagejpeg TEST\n";
+imagejpeg($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagejpeg TEST
+
+Warning: imagejpeg(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagepng_nullbyte_injection.phpt b/ext/gd/tests/imagepng_nullbyte_injection.phpt
new file mode 100644
index 0000000000..13949dca0d
--- /dev/null
+++ b/ext/gd/tests/imagepng_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagepng
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['PNG Support']) || $support['PNG Support'] === false) {
+ print 'skip png support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagepng TEST\n";
+imagepng($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagepng TEST
+
+Warning: imagepng(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagewbmp_nullbyte_injection.phpt b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
new file mode 100644
index 0000000000..f199626389
--- /dev/null
+++ b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagewbmp
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['WBMP Support']) || $support['WBMP Support'] === false) {
+ print 'skip wbmp support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagewbmp TEST\n";
+imagewbmp($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagewbmp TEST
+
+Warning: imagewbmp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)
diff --git a/ext/gd/tests/imagewebp_nullbyte_injection.phpt b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
new file mode 100644
index 0000000000..3bd632591b
--- /dev/null
+++ b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Testing null byte injection in imagewebp
+--CLEAN--
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+rmdir($tempdir);
+--SKIPIF--
+<?php
+$support = gd_info();
+if (!isset($support['WEBP Support']) || $support['WEBP Support'] === false) {
+ print 'skip webp support not available';
+}
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+
+
+$tempdir = sys_get_temp_dir(). '/php-gdtest';
+if (!file_exists($tempdir) && !is_dir($tempdir)) {
+ mkdir ($tempdir, 0777, true);
+}
+
+$userinput = "1\0"; // from post or get data
+$temp = $tempdir. "/test" . $userinput .".tmp";
+
+echo "\nimagewebp TEST\n";
+imagewebp($image, $temp);
+var_dump(file_exists($tempdir. "/test1"));
+var_dump(file_exists($tempdir. "/test1.tmp"));
+foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
+
+--EXPECTF--
+imagewbmp TEST
+
+Warning: imagewebp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+bool(false)