diff options
| author | Dave Kelsey <dkelsey@php.net> | 2009-01-22 07:56:56 +0000 |
|---|---|---|
| committer | Dave Kelsey <dkelsey@php.net> | 2009-01-22 07:56:56 +0000 |
| commit | aa3e1f615823df29289224652055a719c6268d2d (patch) | |
| tree | 5d32a8b252986c493fabe4a61edd076df4da2331 /tests/security | |
| parent | ba5407d06529d7842a9274f73adab6746815d293 (diff) | |
| download | php-git-aa3e1f615823df29289224652055a719c6268d2d.tar.gz | |
fixed subtle bugs regarding attempting to chdir, plus cleanup issues. improved tempnam test, removed hardcoded line number. tested on windows, linux and linux 64bit.
Diffstat (limited to 'tests/security')
27 files changed, 142 insertions, 91 deletions
diff --git a/tests/security/open_basedir.inc b/tests/security/open_basedir.inc index 7fd0afc8bb..c5de8ca112 100644 --- a/tests/security/open_basedir.inc +++ b/tests/security/open_basedir.inc @@ -59,7 +59,7 @@ function recursive_delete_directory($directory) { function create_directories() { delete_directories(); - $directory = dirname(__FILE__); + $directory = getcwd(); var_dump(mkdir($directory."/test")); var_dump(mkdir($directory."/test/ok")); @@ -69,25 +69,28 @@ function create_directories() { } function delete_directories() { - $directory = (dirname(__FILE__)."/test"); + $directory = (getcwd()."/test"); recursive_delete_directory($directory); } function test_open_basedir_error($function) { + global $savedDirectory; var_dump($function("../bad")); var_dump($function("../bad/bad.txt")); var_dump($function("..")); var_dump($function("../")); var_dump($function("/")); var_dump($function("../bad/.")); - $directory = dirname(__FILE__); + $directory = $savedDirectory; var_dump($function($directory."/test/bad/bad.txt")); var_dump($function($directory."/test/bad/../bad/bad.txt")); } function test_open_basedir_before($function, $change = TRUE) { + global $savedDirectory; echo "*** Testing open_basedir configuration [$function] ***\n"; - $directory = dirname(__FILE__); + $directory = getcwd(); + $savedDirectory = $directory; var_dump(chdir($directory)); create_directories(); @@ -104,26 +107,29 @@ function test_open_basedir_after($function) { // This is used by functions that return an array on success function test_open_basedir_array($function) { + global $savedDirectory; + test_open_basedir_before($function); test_open_basedir_error($function); var_dump(is_array($function("./../."))); var_dump(is_array($function("../ok"))); var_dump(is_array($function("ok.txt"))); var_dump(is_array($function("../ok/ok.txt"))); - $directory = dirname(__FILE__); + $directory = $savedDirectory; var_dump(is_array($function($directory."/test/ok/ok.txt"))); var_dump(is_array($function($directory."/test/ok/../ok/ok.txt"))); test_open_basedir_after($function); } function test_open_basedir($function) { + global $savedDirectory; test_open_basedir_before($function); test_open_basedir_error($function); var_dump($function("./../.")); var_dump($function("../ok")); var_dump($function("ok.txt")); var_dump($function("../ok/ok.txt")); - $directory = dirname(__FILE__); + $directory = $savedDirectory; var_dump($function($directory."/test/ok/ok.txt")); var_dump($function($directory."/test/ok/../ok/ok.txt")); test_open_basedir_after($function); diff --git a/tests/security/open_basedir_chdir.phpt b/tests/security/open_basedir_chdir.phpt index 32ed4eb1ec..aa8cef52da 100644 --- a/tests/security/open_basedir_chdir.phpt +++ b/tests/security/open_basedir_chdir.phpt @@ -6,7 +6,6 @@ open_basedir=. <?php require_once "open_basedir.inc"; test_open_basedir_before("chdir"); -$directory = dirname(__FILE__); var_dump(chdir("../bad")); var_dump(chdir("..")); diff --git a/tests/security/open_basedir_chmod.phpt b/tests/security/open_basedir_chmod.phpt index 02fdce5a1b..7256d6ed7d 100644 --- a/tests/security/open_basedir_chmod.phpt +++ b/tests/security/open_basedir_chmod.phpt @@ -5,8 +5,9 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); + test_open_basedir_before("chmod"); -$directory = dirname(__FILE__); var_dump(chmod("../bad", 0600)); var_dump(chmod("../bad/bad.txt", 0600)); @@ -17,12 +18,12 @@ var_dump(chmod("../bad/.", 0600)); var_dump(chmod("../bad/./bad.txt", 0600)); var_dump(chmod("./../.", 0600)); -var_dump(chmod($directory."/test/ok/ok.txt", 0600)); +var_dump(chmod($initdir."/test/ok/ok.txt", 0600)); var_dump(chmod("./ok.txt", 0600)); var_dump(chmod("ok.txt", 0600)); var_dump(chmod("../ok/ok.txt", 0600)); var_dump(chmod("../ok/./ok.txt", 0600)); -chmod($directory."/test/ok/ok.txt", 0777); +chmod($initdir."/test/ok/ok.txt", 0777); test_open_basedir_after("chmod"); ?> diff --git a/tests/security/open_basedir_copy.phpt b/tests/security/open_basedir_copy.phpt index 9faaa82ac0..7cb902add0 100644 --- a/tests/security/open_basedir_copy.phpt +++ b/tests/security/open_basedir_copy.phpt @@ -6,7 +6,6 @@ open_basedir=. <?php require_once "open_basedir.inc"; test_open_basedir_before("copy"); -$directory = dirname(__FILE__); var_dump(copy("ok.txt", "../bad")); var_dump(copy("ok.txt", "../bad/bad.txt")); diff --git a/tests/security/open_basedir_copy_variation1.phpt b/tests/security/open_basedir_copy_variation1.phpt index de532e12cb..899b31da27 100644 --- a/tests/security/open_basedir_copy_variation1.phpt +++ b/tests/security/open_basedir_copy_variation1.phpt @@ -6,7 +6,6 @@ open_basedir=. <?php require_once "open_basedir.inc"; test_open_basedir_before("copy"); -$directory = dirname(__FILE__); var_dump(copy("../bad/bad.txt", "copy.txt")); var_dump(unlink("copy.txt")); diff --git a/tests/security/open_basedir_dir.phpt b/tests/security/open_basedir_dir.phpt index c6e331be1c..b1d6272bdc 100644 --- a/tests/security/open_basedir_dir.phpt +++ b/tests/security/open_basedir_dir.phpt @@ -5,13 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); + test_open_basedir_before("dir"); test_open_basedir_error("dir"); -$directory = dirname(__FILE__); -var_dump(dir($directory."/test/ok/")); -var_dump(dir($directory."/test/ok")); -var_dump(dir($directory."/test/ok/../ok")); +var_dump(dir($initdir."/test/ok/")); +var_dump(dir($initdir."/test/ok")); +var_dump(dir($initdir."/test/ok/../ok")); test_open_basedir_after("dir");?> --CLEAN-- diff --git a/tests/security/open_basedir_disk_free_space.phpt b/tests/security/open_basedir_disk_free_space.phpt index e3e36e670a..365300ae61 100644 --- a/tests/security/open_basedir_disk_free_space.phpt +++ b/tests/security/open_basedir_disk_free_space.phpt @@ -5,11 +5,11 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; - +$initdir = getcwd(); test_open_basedir_before("disk_free_space"); test_open_basedir_error("disk_free_space"); -$directory = dirname(__FILE__); -var_dump(disk_free_space($directory."/test/ok")); + +var_dump(disk_free_space($initdir."/test/ok")); test_open_basedir_after("disk_free_space"); ?> --CLEAN-- diff --git a/tests/security/open_basedir_error_log.phpt b/tests/security/open_basedir_error_log.phpt index 581dd3f57e..e89e190215 100644 --- a/tests/security/open_basedir_error_log.phpt +++ b/tests/security/open_basedir_error_log.phpt @@ -6,14 +6,15 @@ error_log= --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("error_log"); -$directory = dirname(__FILE__); -var_dump(ini_set("error_log", $directory."/test/bad/bad.txt")); -var_dump(ini_set("error_log", $directory."/test/bad.txt")); -var_dump(ini_set("error_log", $directory."/bad.txt")); -var_dump(ini_set("error_log", $directory."/test/ok/ok.txt")); -var_dump(ini_set("error_log", $directory."/test/ok/ok.txt")); + +var_dump(ini_set("error_log", $initdir."/test/bad/bad.txt")); +var_dump(ini_set("error_log", $initdir."/test/bad.txt")); +var_dump(ini_set("error_log", $initdir."/bad.txt")); +var_dump(ini_set("error_log", $initdir."/test/ok/ok.txt")); +var_dump(ini_set("error_log", $initdir."/test/ok/ok.txt")); test_open_basedir_after("error_log"); ?> diff --git a/tests/security/open_basedir_error_log_variation.phpt b/tests/security/open_basedir_error_log_variation.phpt index d169a213e9..ab182669a8 100644 --- a/tests/security/open_basedir_error_log_variation.phpt +++ b/tests/security/open_basedir_error_log_variation.phpt @@ -5,14 +5,15 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("error_log"); -$directory = dirname(__FILE__); + define("DESTINATION_IS_FILE", 3); -var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $directory."/test/bad/bad.txt")); -var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $directory."/test/bad.txt")); -var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $directory."/bad.txt")); -var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $directory."/test/ok/ok.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/bad/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/ok/ok.txt")); test_open_basedir_after("error_log"); ?> diff --git a/tests/security/open_basedir_file.phpt b/tests/security/open_basedir_file.phpt index 36daa54e00..ad222e894b 100644 --- a/tests/security/open_basedir_file.phpt +++ b/tests/security/open_basedir_file.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; -$directory = dirname(__FILE__); +$initdir = getcwd(); test_open_basedir_before("file"); test_open_basedir_error("file"); var_dump(file("ok.txt")); var_dump(file("../ok/ok.txt")); -var_dump(file($directory."/test/ok/ok.txt")); -var_dump(file($directory."/test/ok/../ok/ok.txt")); +var_dump(file($initdir."/test/ok/ok.txt")); +var_dump(file($initdir."/test/ok/../ok/ok.txt")); test_open_basedir_after("file"); ?> diff --git a/tests/security/open_basedir_file_get_contents.phpt b/tests/security/open_basedir_file_get_contents.phpt index db117e4775..8ee5ddb793 100644 --- a/tests/security/open_basedir_file_get_contents.phpt +++ b/tests/security/open_basedir_file_get_contents.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; -$directory = dirname(__FILE__); +$initdir = getcwd(); test_open_basedir_before("file_get_contents"); test_open_basedir_error("file_get_contents"); var_dump(file_get_contents("ok.txt")); var_dump(file_get_contents("../ok/ok.txt")); -var_dump(file_get_contents($directory."/test/ok/ok.txt")); -var_dump(file_get_contents($directory."/test/ok/../ok/ok.txt")); +var_dump(file_get_contents($initdir."/test/ok/ok.txt")); +var_dump(file_get_contents($initdir."/test/ok/../ok/ok.txt")); test_open_basedir_after("file_get_contents"); ?> diff --git a/tests/security/open_basedir_file_put_contents.phpt b/tests/security/open_basedir_file_put_contents.phpt index 720c81dfe2..0235c509b5 100644 --- a/tests/security/open_basedir_file_put_contents.phpt +++ b/tests/security/open_basedir_file_put_contents.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("file_put_contents"); -$directory = dirname(__FILE__); var_dump(file_put_contents("../bad/bad.txt", "Hello World!")); var_dump(file_put_contents(".././bad/bad.txt", "Hello World!")); var_dump(file_put_contents("../bad/../bad/bad.txt", "Hello World!")); var_dump(file_put_contents("./.././bad/bad.txt", "Hello World!")); -var_dump(file_put_contents($directory."/test/bad/bad.txt", "Hello World!")); +var_dump(file_put_contents($initdir."/test/bad/bad.txt", "Hello World!")); test_open_basedir_after("file_put_contents"); ?> diff --git a/tests/security/open_basedir_fopen.phpt b/tests/security/open_basedir_fopen.phpt index e90bf3e2bc..3e236af9d5 100644 --- a/tests/security/open_basedir_fopen.phpt +++ b/tests/security/open_basedir_fopen.phpt @@ -5,8 +5,8 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("fopen"); -$directory = dirname(__FILE__); var_dump(fopen("../bad", "r")); var_dump(fopen("../bad/bad.txt", "r")); @@ -17,7 +17,7 @@ var_dump(fopen("../bad/.", "r")); var_dump(fopen("../bad/./bad.txt", "r")); var_dump(fopen("./../.", "r")); -var_dump(fopen($directory."/test/ok/ok.txt", "r")); +var_dump(fopen($initdir."/test/ok/ok.txt", "r")); var_dump(fopen("./ok.txt", "r")); var_dump(fopen("ok.txt", "r")); var_dump(fopen("../ok/ok.txt", "r")); diff --git a/tests/security/open_basedir_glob_variation.phpt b/tests/security/open_basedir_glob_variation.phpt new file mode 100644 index 0000000000..52c354f90b --- /dev/null +++ b/tests/security/open_basedir_glob_variation.phpt @@ -0,0 +1,26 @@ +--TEST-- +Test open_basedir configuration for glob +--INI-- +open_basedir=. +--FILE-- +<?php +$dir = "globtest1"; +$dir2 = "globtest2"; +mkdir($dir); +mkdir($dir2); +chdir($dir); +var_dump(glob("../globtest*")); +?> +--CLEAN-- +<?php +$dir = "globtest1"; +$dir2 = "globtest2"; +rmdir($dir); +rmdir($dir2); +?> +--EXPECT-- +array(1) { + [0]=> + string(12) "../globtest1" +} + diff --git a/tests/security/open_basedir_is_executable.phpt b/tests/security/open_basedir_is_executable.phpt index 1bab860557..375d4277cd 100644 --- a/tests/security/open_basedir_is_executable.phpt +++ b/tests/security/open_basedir_is_executable.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("is_executable"); test_open_basedir_error("is_executable"); var_dump(is_executable("ok.txt")); var_dump(is_executable("../ok/ok.txt")); -$directory = dirname(__FILE__); -var_dump(is_executable($directory."/test/ok/ok.txt")); -var_dump(is_executable($directory."/test/ok/../ok/ok.txt")); +var_dump(is_executable($initdir."/test/ok/ok.txt")); +var_dump(is_executable($initdir."/test/ok/../ok/ok.txt")); test_open_basedir_after("is_executable"); ?> diff --git a/tests/security/open_basedir_link.phpt b/tests/security/open_basedir_link.phpt index a54c22f4b6..82f97d6b09 100644 --- a/tests/security/open_basedir_link.phpt +++ b/tests/security/open_basedir_link.phpt @@ -11,23 +11,23 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("link"); -$directory = dirname(__FILE__); -$target = ($directory."/test/ok/ok.txt"); +$target = ($initdir."/test/ok/ok.txt"); var_dump(link($target, "../bad/link.txt")); var_dump(link($target, "../link.txt")); var_dump(link($target, "../bad/./link.txt")); var_dump(link($target, "./.././link.txt")); -$link = ($directory."/test/ok/link.txt"); +$link = ($initdir."/test/ok/link.txt"); var_dump(link("../bad/bad.txt", $link)); var_dump(link("../bad", $link)); var_dump(link("../bad/./bad.txt", $link)); var_dump(link("../bad/bad.txt", $link)); var_dump(link("./.././bad", $link)); -$target = ($directory."/test/ok/ok.txt"); +$target = ($initdir."/test/ok/ok.txt"); var_dump(link($target, $link)); var_dump(unlink($link)); diff --git a/tests/security/open_basedir_linkinfo.phpt b/tests/security/open_basedir_linkinfo.phpt index ab12a5149d..5c930dddce 100644 --- a/tests/security/open_basedir_linkinfo.phpt +++ b/tests/security/open_basedir_linkinfo.phpt @@ -11,25 +11,25 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("linkinfo", FALSE); -$directory = dirname(__FILE__); -chdir($directory); +chdir($initdir); -$target = ($directory."/test/bad/bad.txt"); -$symlink = ($directory."/test/ok/symlink.txt"); +$target = ($initdir."/test/bad/bad.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); var_dump(symlink($target, $symlink)); -chdir($directory."/test/ok"); +chdir($initdir."/test/ok"); var_dump(linkinfo("symlink.txt")); var_dump(linkinfo("../ok/symlink.txt")); var_dump(linkinfo("../ok/./symlink.txt")); var_dump(linkinfo("./symlink.txt")); -var_dump(linkinfo($directory."/test/ok/symlink.txt")); +var_dump(linkinfo($initdir."/test/ok/symlink.txt")); -$target = ($directory."/test/ok/ok.txt"); -$symlink = ($directory."/test/ok/symlink.txt"); +$target = ($initdir."/test/ok/ok.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); var_dump(symlink($target, $symlink)); var_dump(linkinfo($symlink)); var_dump(unlink($symlink)); diff --git a/tests/security/open_basedir_mkdir.phpt b/tests/security/open_basedir_mkdir.phpt index 253818ccf9..9c32d408a2 100644 --- a/tests/security/open_basedir_mkdir.phpt +++ b/tests/security/open_basedir_mkdir.phpt @@ -11,16 +11,16 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("mkdir"); -$directory = dirname(__FILE__); var_dump(mkdir("../bad/blah")); var_dump(mkdir("../blah")); var_dump(mkdir("../bad/./blah")); var_dump(mkdir("./.././blah")); -var_dump(mkdir($directory."/test/ok/blah")); -var_dump(rmdir($directory."/test/ok/blah")); +var_dump(mkdir($initdir."/test/ok/blah")); +var_dump(rmdir($initdir."/test/ok/blah")); test_open_basedir_after("mkdir"); ?> --CLEAN-- diff --git a/tests/security/open_basedir_opendir.phpt b/tests/security/open_basedir_opendir.phpt index a935d5655f..774b853569 100644 --- a/tests/security/open_basedir_opendir.phpt +++ b/tests/security/open_basedir_opendir.phpt @@ -5,13 +5,13 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("opendir"); test_open_basedir_error("opendir"); -$directory = dirname(__FILE__); -var_dump(opendir($directory."/test/ok/")); -var_dump(opendir($directory."/test/ok")); -var_dump(opendir($directory."/test/ok/../ok")); +var_dump(opendir($initdir."/test/ok/")); +var_dump(opendir($initdir."/test/ok")); +var_dump(opendir($initdir."/test/ok/../ok")); test_open_basedir_after("opendir");?> --CLEAN-- diff --git a/tests/security/open_basedir_readlink.phpt b/tests/security/open_basedir_readlink.phpt index cbba4307e5..a632dce243 100644 --- a/tests/security/open_basedir_readlink.phpt +++ b/tests/security/open_basedir_readlink.phpt @@ -11,25 +11,25 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("readlink", FALSE); -$directory = dirname(__FILE__); -chdir($directory); +chdir($initdir); -$target = ($directory."/test/bad/bad.txt"); -$symlink = ($directory."/test/ok/symlink.txt"); +$target = ($initdir."/test/bad/bad.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); var_dump(symlink($target, $symlink)); -chdir($directory."/test/ok"); +chdir($initdir."/test/ok"); var_dump(readlink("symlink.txt")); var_dump(readlink("../ok/symlink.txt")); var_dump(readlink("../ok/./symlink.txt")); var_dump(readlink("./symlink.txt")); -var_dump(readlink($directory."/test/ok/symlink.txt")); +var_dump(readlink($initdir."/test/ok/symlink.txt")); -$target = ($directory."/test/ok/ok.txt"); -$symlink = ($directory."/test/ok/symlink.txt"); +$target = ($initdir."/test/ok/ok.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); var_dump(symlink($target, $symlink)); var_dump(readlink($symlink)); var_dump(unlink($symlink)); diff --git a/tests/security/open_basedir_rename.phpt b/tests/security/open_basedir_rename.phpt index 428e7a070a..2747093342 100644 --- a/tests/security/open_basedir_rename.phpt +++ b/tests/security/open_basedir_rename.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("rename"); -$directory = dirname(__FILE__); var_dump(rename("../bad/bad.txt", "rename.txt")); var_dump(rename(".././bad/bad.txt", "rename.txt")); var_dump(rename("../bad/../bad/bad.txt", "rename.txt")); var_dump(rename("./.././bad/bad.txt", "rename.txt")); -var_dump(rename($directory."/test/bad/bad.txt", "rename.txt")); +var_dump(rename($initdir."/test/bad/bad.txt", "rename.txt")); test_open_basedir_after("rename"); ?> diff --git a/tests/security/open_basedir_rmdir.phpt b/tests/security/open_basedir_rmdir.phpt index b4d61f8b76..c1d4b6b14b 100644 --- a/tests/security/open_basedir_rmdir.phpt +++ b/tests/security/open_basedir_rmdir.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("rmdir"); -$directory = dirname(__FILE__); var_dump(rmdir("../bad")); var_dump(rmdir(".././bad")); var_dump(rmdir("../bad/../bad")); var_dump(rmdir("./.././bad")); -var_dump(rmdir($directory."/test/bad")); +var_dump(rmdir($initdir."/test/bad")); test_open_basedir_after("rmdir"); ?> diff --git a/tests/security/open_basedir_scandir.phpt b/tests/security/open_basedir_scandir.phpt index 77987402c6..caffaa1e5d 100644 --- a/tests/security/open_basedir_scandir.phpt +++ b/tests/security/open_basedir_scandir.phpt @@ -5,13 +5,13 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("scandir"); test_open_basedir_error("scandir"); -$directory = dirname(__FILE__); -var_dump(scandir($directory."/test/ok/")); -var_dump(scandir($directory."/test/ok")); -var_dump(scandir($directory."/test/ok/../ok")); +var_dump(scandir($initdir."/test/ok/")); +var_dump(scandir($initdir."/test/ok")); +var_dump(scandir($initdir."/test/ok/../ok")); test_open_basedir_after("scandir");?> --CLEAN-- @@ -48,7 +48,7 @@ Warning: scandir(..): failed to open dir: %s in %s on line %d Warning: scandir(): (errno 1): %s in %s on line %d bool(false) -Warning: scandir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line 80 +Warning: scandir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d Warning: scandir(../): failed to open dir: %s in %s on line %d diff --git a/tests/security/open_basedir_symlink.phpt b/tests/security/open_basedir_symlink.phpt index 3aaa07b820..cdc8e7bcc4 100644 --- a/tests/security/open_basedir_symlink.phpt +++ b/tests/security/open_basedir_symlink.phpt @@ -11,30 +11,30 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("symlink"); -$directory = dirname(__FILE__); -$target = ($directory."/test/ok/ok.txt"); +$target = ($initdir."/test/ok/ok.txt"); var_dump(symlink($target, "../bad/symlink.txt")); var_dump(symlink($target, "../symlink.txt")); var_dump(symlink($target, "../bad/./symlink.txt")); var_dump(symlink($target, "./.././symlink.txt")); -$symlink = ($directory."/test/ok/symlink.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); var_dump(symlink("../bad/bad.txt", $symlink)); var_dump(symlink("../bad", $symlink)); var_dump(symlink("../bad/./bad.txt", $symlink)); var_dump(symlink("../bad/bad.txt", $symlink)); var_dump(symlink("./.././bad", $symlink)); -$target = ($directory."/test/ok/ok.txt"); +$target = ($initdir."/test/ok/ok.txt"); var_dump(symlink($target, $symlink)); var_dump(unlink($symlink)); var_dump(mkdir("ok2")); -$symlink = ($directory."/test/ok/ok2/ok.txt"); -var_dump(symlink("../ok.txt", $symlink)); // $target == (dirname($symlink)."/".$target) == ($directory."/test/ok/ok.txt"); +$symlink = ($initdir."/test/ok/ok2/ok.txt"); +var_dump(symlink("../ok.txt", $symlink)); // $target == (dirname($symlink)."/".$target) == ($initdir."/test/ok/ok.txt"); var_dump(unlink($symlink)); test_open_basedir_after("symlink"); diff --git a/tests/security/open_basedir_tempnam.phpt b/tests/security/open_basedir_tempnam.phpt index 247ac88d5b..fd63e2978c 100644 --- a/tests/security/open_basedir_tempnam.phpt +++ b/tests/security/open_basedir_tempnam.phpt @@ -5,8 +5,8 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("tempnam"); -$directory = dirname(__FILE__); var_dump(tempnam("../bad", "test")); var_dump(tempnam("..", "test")); @@ -14,8 +14,19 @@ var_dump(tempnam("../", "test")); var_dump(tempnam("/", "test")); var_dump(tempnam("../bad/.", "test")); var_dump(tempnam("./../.", "test")); +var_dump(tempnam("", "test")); -$file = tempnam($directory."/test/ok", "test"); +//absolute test +$file = tempnam($initdir."/test/ok", "test"); +var_dump($file); +var_dump(unlink($file)); + +//relative test +$file = tempnam(".", "test"); +var_dump($file); +var_dump(unlink($file)); + +$file = tempnam("../ok", "test"); var_dump($file); var_dump(unlink($file)); @@ -51,6 +62,13 @@ bool(false) Warning: tempnam(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File() is not within the allowed path(s): (.) in %s on line %d +bool(false) +string(%d) "%s" +bool(true) +string(%d) "%s" +bool(true) string(%d) "%s" bool(true) *** Finished testing open_basedir configuration [tempnam] *** diff --git a/tests/security/open_basedir_touch.phpt b/tests/security/open_basedir_touch.phpt index b0a5aee612..3a8aee8219 100644 --- a/tests/security/open_basedir_touch.phpt +++ b/tests/security/open_basedir_touch.phpt @@ -5,8 +5,8 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("touch"); -$directory = dirname(__FILE__); var_dump(touch("../bad")); var_dump(touch("../bad/bad.txt")); @@ -17,7 +17,7 @@ var_dump(touch("../bad/.")); var_dump(touch("../bad/./bad.txt")); var_dump(touch("./../.")); -var_dump(touch($directory."/test/ok/ok.txt")); +var_dump(touch($initdir."/test/ok/ok.txt")); var_dump(touch("./ok.txt")); var_dump(touch("ok.txt")); var_dump(touch("../ok/ok.txt")); diff --git a/tests/security/open_basedir_unlink.phpt b/tests/security/open_basedir_unlink.phpt index 75b0f3f4a9..aeedac9130 100644 --- a/tests/security/open_basedir_unlink.phpt +++ b/tests/security/open_basedir_unlink.phpt @@ -5,14 +5,14 @@ open_basedir=. --FILE-- <?php require_once "open_basedir.inc"; +$initdir = getcwd(); test_open_basedir_before("unlink"); -$directory = dirname(__FILE__); var_dump(unlink("../bad/bad.txt")); var_dump(unlink(".././bad/bad.txt")); var_dump(unlink("../bad/../bad/bad.txt")); var_dump(unlink("./.././bad/bad.txt")); -var_dump(unlink($directory."/test/bad/bad.txt")); +var_dump(unlink($initdir."/test/bad/bad.txt")); test_open_basedir_after("unlink"); ?> |