diff options
Diffstat (limited to 'tests/security')
49 files changed, 2999 insertions, 0 deletions
diff --git a/tests/security/bug53226.phpt b/tests/security/bug53226.phpt new file mode 100644 index 0000000..9556e46 --- /dev/null +++ b/tests/security/bug53226.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #53226 (file_exists fails on big filenames) +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +create_directories(); + +var_dump(file_exists('./test/ok/ok.txt')); +var_dump(file_exists('./test/foo')); + +$file = str_repeat('x', 2 * PHP_MAXPATHLEN); +var_dump(file_exists("./test/$file")); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +bool(true) +bool(true) +bool(true) +bool(true) +bool(false) + +Warning: file_exists(): File name is longer than the maximum allowed path length on this platform (%d): %s in %s on line %d +bool(false) diff --git a/tests/security/open_basedir.inc b/tests/security/open_basedir.inc new file mode 100644 index 0000000..c5de8ca --- /dev/null +++ b/tests/security/open_basedir.inc @@ -0,0 +1,139 @@ +<?php + +// This file contains helper functions for testing open_basedir configuration +// Care must be taken with where the directories are created because different +// SAPIs set the working directory differently. So simply creating a directory +// relative to the current working directory like this: mkdir("blah") might +// actually create it in several different places depending on the SAPI..! +// +// Note also depending on the version of php being tested, so the open_basedir +// configuration may or may not be changeable from a script (PHP_INI_SYSTEM). +// +// For this reason we set the open_basedir to . (current directory) and then +// move around to various directories for testing using chdir(). This is NOT +// recommended for production use as . bypasses all semblence of security..! +// +// Although safe mode has been removed in php 6.0, open_basedir is still valid. +// See http://www.php.net/features.safe-mode for more information + +function recursive_delete_directory($directory) { + + // Remove any trailing slash first + if (substr($directory, -1) == '/') { + $directory = substr($directory, 0, -1); + } + + // Make sure the directory is valid + if (is_dir($directory) == FALSE) { + return FALSE; + } + + // Check we can access the directory + if (is_readable($directory) == FALSE) { + return FALSE; + } + + $handle = opendir($directory); + + // Scan through the directory contents + while (FALSE !== ($item = readdir($handle))) { + if ($item != '.') { + if ($item != '..') { + $path = ($directory.'/'.$item); + if (is_dir($path) == TRUE) { + recursive_delete_directory($path); + } else { + @chmod($path, 0777); + unlink($path); + } + } + } + } + + closedir($handle); + @chmod($directory, 0777); + rmdir($directory); + + return TRUE; +} + +function create_directories() { + delete_directories(); + $directory = getcwd(); + + var_dump(mkdir($directory."/test")); + var_dump(mkdir($directory."/test/ok")); + var_dump(mkdir($directory."/test/bad")); + file_put_contents($directory."/test/ok/ok.txt", "Hello World!"); + file_put_contents($directory."/test/bad/bad.txt", "Hello World!"); +} + +function delete_directories() { + $directory = (getcwd()."/test"); + recursive_delete_directory($directory); +} + +function test_open_basedir_error($function) { + global $savedDirectory; + var_dump($function("../bad")); + var_dump($function("../bad/bad.txt")); + var_dump($function("..")); + var_dump($function("../")); + var_dump($function("/")); + var_dump($function("../bad/.")); + $directory = $savedDirectory; + var_dump($function($directory."/test/bad/bad.txt")); + var_dump($function($directory."/test/bad/../bad/bad.txt")); +} + +function test_open_basedir_before($function, $change = TRUE) { + global $savedDirectory; + echo "*** Testing open_basedir configuration [$function] ***\n"; + $directory = getcwd(); + $savedDirectory = $directory; + var_dump(chdir($directory)); + create_directories(); + + // Optionally change directory + if ($change == TRUE) { + var_dump(chdir($directory."/test/ok")); + } +} + +// Delete directories using a --CLEAN-- section! +function test_open_basedir_after($function) { + echo "*** Finished testing open_basedir configuration [$function] ***\n"; +} + +// This is used by functions that return an array on success +function test_open_basedir_array($function) { + global $savedDirectory; + + test_open_basedir_before($function); + test_open_basedir_error($function); + var_dump(is_array($function("./../."))); + var_dump(is_array($function("../ok"))); + var_dump(is_array($function("ok.txt"))); + var_dump(is_array($function("../ok/ok.txt"))); + $directory = $savedDirectory; + var_dump(is_array($function($directory."/test/ok/ok.txt"))); + var_dump(is_array($function($directory."/test/ok/../ok/ok.txt"))); + test_open_basedir_after($function); +} + +function test_open_basedir($function) { + global $savedDirectory; + test_open_basedir_before($function); + test_open_basedir_error($function); + var_dump($function("./../.")); + var_dump($function("../ok")); + var_dump($function("ok.txt")); + var_dump($function("../ok/ok.txt")); + $directory = $savedDirectory; + var_dump($function($directory."/test/ok/ok.txt")); + var_dump($function($directory."/test/ok/../ok/ok.txt")); + test_open_basedir_after($function); +} + +?> + diff --git a/tests/security/open_basedir_001.phpt b/tests/security/open_basedir_001.phpt new file mode 100644 index 0000000..9ea9559 --- /dev/null +++ b/tests/security/open_basedir_001.phpt @@ -0,0 +1,25 @@ +--TEST-- +openbase_dir runtime tightning +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) == 'WIN') { + die('skip.. only for unix'); +} +if (!is_dir("/usr/local/bin")) { + die('skip.. no /usr/local/bin on this machine'); +} +--INI-- +open_basedir=/usr/local +--FILE-- +<?php +var_dump(ini_set("open_basedir", "/usr/local/bin")); +var_dump(ini_get("open_basedir")); +var_dump(ini_set("open_basedir", "/usr")); +var_dump(ini_get("open_basedir")); +?> +--EXPECT-- +string(10) "/usr/local" +string(14) "/usr/local/bin" +bool(false) +string(14) "/usr/local/bin" + diff --git a/tests/security/open_basedir_chdir.phpt b/tests/security/open_basedir_chdir.phpt new file mode 100644 index 0000000..aa8cef5 --- /dev/null +++ b/tests/security/open_basedir_chdir.phpt @@ -0,0 +1,50 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_before("chdir"); + +var_dump(chdir("../bad")); +var_dump(chdir("..")); +var_dump(chdir("../")); +var_dump(chdir("/")); +var_dump(chdir("../bad/.")); +var_dump(chdir("./../.")); + +test_open_basedir_after("chdir"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [chdir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: chdir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chdir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chdir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chdir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chdir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chdir(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [chdir] *** + diff --git a/tests/security/open_basedir_chmod.phpt b/tests/security/open_basedir_chmod.phpt new file mode 100644 index 0000000..7256d6e --- /dev/null +++ b/tests/security/open_basedir_chmod.phpt @@ -0,0 +1,72 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); + +test_open_basedir_before("chmod"); + +var_dump(chmod("../bad", 0600)); +var_dump(chmod("../bad/bad.txt", 0600)); +var_dump(chmod("..", 0600)); +var_dump(chmod("../", 0600)); +var_dump(chmod("/", 0600)); +var_dump(chmod("../bad/.", 0600)); +var_dump(chmod("../bad/./bad.txt", 0600)); +var_dump(chmod("./../.", 0600)); + +var_dump(chmod($initdir."/test/ok/ok.txt", 0600)); +var_dump(chmod("./ok.txt", 0600)); +var_dump(chmod("ok.txt", 0600)); +var_dump(chmod("../ok/ok.txt", 0600)); +var_dump(chmod("../ok/./ok.txt", 0600)); +chmod($initdir."/test/ok/ok.txt", 0777); + +test_open_basedir_after("chmod"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [chmod] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: chmod(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(../bad/./bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: chmod(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [chmod] *** + diff --git a/tests/security/open_basedir_copy.phpt b/tests/security/open_basedir_copy.phpt new file mode 100644 index 0000000..7cb902a --- /dev/null +++ b/tests/security/open_basedir_copy.phpt @@ -0,0 +1,78 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_before("copy"); + +var_dump(copy("ok.txt", "../bad")); +var_dump(copy("ok.txt", "../bad/bad.txt")); +var_dump(copy("ok.txt", "..")); +var_dump(copy("ok.txt", "../")); +var_dump(copy("ok.txt", "/")); +var_dump(copy("ok.txt", "../bad/.")); +var_dump(copy("ok.txt", "../bad/./bad.txt")); +var_dump(copy("ok.txt", "./../.")); + +var_dump(copy("ok.txt", "copy.txt")); +var_dump(unlink("copy.txt")); +test_open_basedir_after("copy"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [copy] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: copy(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(../bad): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(..): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(../): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(/): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(../bad/.): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(../bad/./bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(../bad/./bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: copy(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d + +Warning: copy(./../.): failed to open stream: %s in %s on line %d +bool(false) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [copy] *** + diff --git a/tests/security/open_basedir_copy_variation1.phpt b/tests/security/open_basedir_copy_variation1.phpt new file mode 100644 index 0000000..899b31d --- /dev/null +++ b/tests/security/open_basedir_copy_variation1.phpt @@ -0,0 +1,34 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_before("copy"); + +var_dump(copy("../bad/bad.txt", "copy.txt")); +var_dump(unlink("copy.txt")); + +test_open_basedir_after("copy"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [copy] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: copy(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: unlink(copy.txt): No such file or directory in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [copy] *** + diff --git a/tests/security/open_basedir_dir.phpt b/tests/security/open_basedir_dir.phpt new file mode 100644 index 0000000..b1d6272 --- /dev/null +++ b/tests/security/open_basedir_dir.phpt @@ -0,0 +1,89 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); + +test_open_basedir_before("dir"); +test_open_basedir_error("dir"); + +var_dump(dir($initdir."/test/ok/")); +var_dump(dir($initdir."/test/ok")); +var_dump(dir($initdir."/test/ok/../ok")); + +test_open_basedir_after("dir");?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [dir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: dir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(../bad): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(../bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(..): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(../): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(/): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(../bad/.): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(%s/test/bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) + +Warning: dir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: dir(%s/test/bad/../bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) +object(Directory)#%d (2) { + ["path"]=> + string(%d) "%s/test/ok/" + ["handle"]=> + resource(%d) of type (stream) +} +object(Directory)#%d (2) { + ["path"]=> + string(%d) "%s/test/ok" + ["handle"]=> + resource(%d) of type (stream) +} +object(Directory)#%d (2) { + ["path"]=> + string(%d) "%s/test/ok/../ok" + ["handle"]=> + resource(%d) of type (stream) +} +*** Finished testing open_basedir configuration [dir] *** + diff --git a/tests/security/open_basedir_disk_free_space.phpt b/tests/security/open_basedir_disk_free_space.phpt new file mode 100644 index 0000000..365300a --- /dev/null +++ b/tests/security/open_basedir_disk_free_space.phpt @@ -0,0 +1,52 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("disk_free_space"); +test_open_basedir_error("disk_free_space"); + +var_dump(disk_free_space($initdir."/test/ok")); +test_open_basedir_after("disk_free_space"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [disk_free_space] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: disk_free_space(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: disk_free_space(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +float(%s) +*** Finished testing open_basedir configuration [disk_free_space] *** diff --git a/tests/security/open_basedir_error_log.phpt b/tests/security/open_basedir_error_log.phpt new file mode 100644 index 0000000..e89e190 --- /dev/null +++ b/tests/security/open_basedir_error_log.phpt @@ -0,0 +1,45 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +error_log= +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("error_log"); + + +var_dump(ini_set("error_log", $initdir."/test/bad/bad.txt")); +var_dump(ini_set("error_log", $initdir."/test/bad.txt")); +var_dump(ini_set("error_log", $initdir."/bad.txt")); +var_dump(ini_set("error_log", $initdir."/test/ok/ok.txt")); +var_dump(ini_set("error_log", $initdir."/test/ok/ok.txt")); + +test_open_basedir_after("error_log"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [error_log] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: ini_set(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: ini_set(): open_basedir restriction in effect. File(%s/test/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: ini_set(): open_basedir restriction in effect. File(%s/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +string(0) "" +string(%d) "%s/test/ok/ok.txt" +*** Finished testing open_basedir configuration [error_log] *** + diff --git a/tests/security/open_basedir_error_log_variation.phpt b/tests/security/open_basedir_error_log_variation.phpt new file mode 100644 index 0000000..ab18266 --- /dev/null +++ b/tests/security/open_basedir_error_log_variation.phpt @@ -0,0 +1,49 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("error_log"); + +define("DESTINATION_IS_FILE", 3); + +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/bad/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/bad.txt")); +var_dump(error_log("Hello World!", DESTINATION_IS_FILE, $initdir."/test/ok/ok.txt")); + +test_open_basedir_after("error_log"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [error_log] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: error_log(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: error_log(%s/test/bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: error_log(): open_basedir restriction in effect. File(%s/test/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: error_log(%s/test/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: error_log(): open_basedir restriction in effect. File(%s/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: error_log(%s/bad.txt): failed to open stream: %s in %s on line %d +bool(false) +bool(true) +*** Finished testing open_basedir configuration [error_log] *** + diff --git a/tests/security/open_basedir_file.phpt b/tests/security/open_basedir_file.phpt new file mode 100644 index 0000000..ad222e8 --- /dev/null +++ b/tests/security/open_basedir_file.phpt @@ -0,0 +1,88 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("file"); +test_open_basedir_error("file"); + +var_dump(file("ok.txt")); +var_dump(file("../ok/ok.txt")); +var_dump(file($initdir."/test/ok/ok.txt")); +var_dump(file($initdir."/test/ok/../ok/ok.txt")); + +test_open_basedir_after("file"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [file] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: file(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(../bad): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(..): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(../): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(/): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(../bad/.): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(%s/test/bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file(%s/test/bad/../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) +array(1) { + [0]=> + string(12) "Hello World!" +} +array(1) { + [0]=> + string(12) "Hello World!" +} +array(1) { + [0]=> + string(12) "Hello World!" +} +array(1) { + [0]=> + string(12) "Hello World!" +} +*** Finished testing open_basedir configuration [file] *** + diff --git a/tests/security/open_basedir_file_exists.phpt b/tests/security/open_basedir_file_exists.phpt new file mode 100644 index 0000000..c249fc1 --- /dev/null +++ b/tests/security/open_basedir_file_exists.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("file_exists"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [file_exists] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: file_exists(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: file_exists(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [file_exists] *** + diff --git a/tests/security/open_basedir_file_get_contents.phpt b/tests/security/open_basedir_file_get_contents.phpt new file mode 100644 index 0000000..8ee5ddb --- /dev/null +++ b/tests/security/open_basedir_file_get_contents.phpt @@ -0,0 +1,75 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("file_get_contents"); +test_open_basedir_error("file_get_contents"); + +var_dump(file_get_contents("ok.txt")); +var_dump(file_get_contents("../ok/ok.txt")); +var_dump(file_get_contents($initdir."/test/ok/ok.txt")); +var_dump(file_get_contents($initdir."/test/ok/../ok/ok.txt")); + +test_open_basedir_after("file_get_contents"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [file_get_contents] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: file_get_contents(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(../bad): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(..): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(../): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(/): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(../bad/.): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(%s/test/bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_get_contents(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_get_contents(%s/test/bad/../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) +string(12) "Hello World!" +string(12) "Hello World!" +string(12) "Hello World!" +string(12) "Hello World!" +*** Finished testing open_basedir configuration [file_get_contents] *** diff --git a/tests/security/open_basedir_file_put_contents.phpt b/tests/security/open_basedir_file_put_contents.phpt new file mode 100644 index 0000000..0235c50 --- /dev/null +++ b/tests/security/open_basedir_file_put_contents.phpt @@ -0,0 +1,57 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("file_put_contents"); + +var_dump(file_put_contents("../bad/bad.txt", "Hello World!")); +var_dump(file_put_contents(".././bad/bad.txt", "Hello World!")); +var_dump(file_put_contents("../bad/../bad/bad.txt", "Hello World!")); +var_dump(file_put_contents("./.././bad/bad.txt", "Hello World!")); +var_dump(file_put_contents($initdir."/test/bad/bad.txt", "Hello World!")); + +test_open_basedir_after("file_put_contents"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [file_put_contents] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: file_put_contents(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_put_contents(../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_put_contents(): open_basedir restriction in effect. File(.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_put_contents(.././bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_put_contents(): open_basedir restriction in effect. File(../bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_put_contents(../bad/../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_put_contents(): open_basedir restriction in effect. File(./.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_put_contents(./.././bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: file_put_contents(): open_basedir restriction in effect. File%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: file_put_contents%s/test/bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [file_put_contents] *** + diff --git a/tests/security/open_basedir_fileatime.phpt b/tests/security/open_basedir_fileatime.phpt new file mode 100644 index 0000000..02cc94f --- /dev/null +++ b/tests/security/open_basedir_fileatime.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("fileatime"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [fileatime] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: fileatime(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileatime(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [fileatime] *** + diff --git a/tests/security/open_basedir_filectime.phpt b/tests/security/open_basedir_filectime.phpt new file mode 100644 index 0000000..542c842 --- /dev/null +++ b/tests/security/open_basedir_filectime.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("filectime"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [filectime] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: filectime(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filectime(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [filectime] *** + diff --git a/tests/security/open_basedir_filegroup.phpt b/tests/security/open_basedir_filegroup.phpt new file mode 100644 index 0000000..5f6279a --- /dev/null +++ b/tests/security/open_basedir_filegroup.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("filegroup"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [filegroup] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: filegroup(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filegroup(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [filegroup] *** + diff --git a/tests/security/open_basedir_fileinode.phpt b/tests/security/open_basedir_fileinode.phpt new file mode 100644 index 0000000..070c2c8 --- /dev/null +++ b/tests/security/open_basedir_fileinode.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("fileinode"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [fileinode] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: fileinode(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileinode(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [fileinode] *** + diff --git a/tests/security/open_basedir_filemtime.phpt b/tests/security/open_basedir_filemtime.phpt new file mode 100644 index 0000000..7213ddb --- /dev/null +++ b/tests/security/open_basedir_filemtime.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("filemtime"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [filemtime] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: filemtime(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filemtime(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [filemtime] *** + diff --git a/tests/security/open_basedir_fileowner.phpt b/tests/security/open_basedir_fileowner.phpt new file mode 100644 index 0000000..b363b7e --- /dev/null +++ b/tests/security/open_basedir_fileowner.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("fileowner"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [fileowner] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: fileowner(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileowner(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [fileowner] *** + diff --git a/tests/security/open_basedir_fileperms.phpt b/tests/security/open_basedir_fileperms.phpt new file mode 100644 index 0000000..a1e6511 --- /dev/null +++ b/tests/security/open_basedir_fileperms.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("fileperms"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [fileperms] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: fileperms(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: fileperms(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [fileperms] *** + diff --git a/tests/security/open_basedir_filesize.phpt b/tests/security/open_basedir_filesize.phpt new file mode 100644 index 0000000..a335dfd --- /dev/null +++ b/tests/security/open_basedir_filesize.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("filesize"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [filesize] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: filesize(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filesize(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) +*** Finished testing open_basedir configuration [filesize] *** + diff --git a/tests/security/open_basedir_filetype.phpt b/tests/security/open_basedir_filetype.phpt new file mode 100644 index 0000000..5091db5 --- /dev/null +++ b/tests/security/open_basedir_filetype.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("filetype"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [filetype] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: filetype(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: filetype(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +string(3) "dir" +string(4) "file" +string(4) "file" +string(4) "file" +string(4) "file" +*** Finished testing open_basedir configuration [filetype] *** + diff --git a/tests/security/open_basedir_fopen.phpt b/tests/security/open_basedir_fopen.phpt new file mode 100644 index 0000000..3e236af --- /dev/null +++ b/tests/security/open_basedir_fopen.phpt @@ -0,0 +1,86 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("fopen"); + +var_dump(fopen("../bad", "r")); +var_dump(fopen("../bad/bad.txt", "r")); +var_dump(fopen("..", "r")); +var_dump(fopen("../", "r")); +var_dump(fopen("/", "r")); +var_dump(fopen("../bad/.", "r")); +var_dump(fopen("../bad/./bad.txt", "r")); +var_dump(fopen("./../.", "r")); + +var_dump(fopen($initdir."/test/ok/ok.txt", "r")); +var_dump(fopen("./ok.txt", "r")); +var_dump(fopen("ok.txt", "r")); +var_dump(fopen("../ok/ok.txt", "r")); +var_dump(fopen("../ok/./ok.txt", "r")); + +test_open_basedir_after("fopen"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [fopen] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: fopen(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(../bad): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(../bad/bad.txt): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(..): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(../): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(/): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(../bad/.): failed to open stream: %s in %s on line %d +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(../bad/./bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(../bad/./bad.txt): failed to open stream: %s in %s on line 12 +bool(false) + +Warning: fopen(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d + +Warning: fopen(./../.): failed to open stream: %s in %s on line %d +bool(false) +resource(%d) of type (stream) +resource(%d) of type (stream) +resource(%d) of type (stream) +resource(%d) of type (stream) +resource(%d) of type (stream) +*** Finished testing open_basedir configuration [fopen] *** + diff --git a/tests/security/open_basedir_glob.phpt b/tests/security/open_basedir_glob.phpt new file mode 100644 index 0000000..602e48d --- /dev/null +++ b/tests/security/open_basedir_glob.phpt @@ -0,0 +1,52 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("glob"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [glob] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +array(1) { + [0]=> + string(5) "../ok" +} +array(1) { + [0]=> + string(6) "ok.txt" +} +array(1) { + [0]=> + string(12) "../ok/ok.txt" +} +array(1) { + [0]=> + string(%d) "%s/test/ok/ok.txt" +} +array(1) { + [0]=> + string(%d) "%s/test/ok/../ok/ok.txt" +} +*** Finished testing open_basedir configuration [glob] *** + diff --git a/tests/security/open_basedir_glob_variation.phpt b/tests/security/open_basedir_glob_variation.phpt new file mode 100644 index 0000000..52c354f --- /dev/null +++ b/tests/security/open_basedir_glob_variation.phpt @@ -0,0 +1,26 @@ +--TEST-- +Test open_basedir configuration for glob +--INI-- +open_basedir=. +--FILE-- +<?php +$dir = "globtest1"; +$dir2 = "globtest2"; +mkdir($dir); +mkdir($dir2); +chdir($dir); +var_dump(glob("../globtest*")); +?> +--CLEAN-- +<?php +$dir = "globtest1"; +$dir2 = "globtest2"; +rmdir($dir); +rmdir($dir2); +?> +--EXPECT-- +array(1) { + [0]=> + string(12) "../globtest1" +} + diff --git a/tests/security/open_basedir_is_dir.phpt b/tests/security/open_basedir_is_dir.phpt new file mode 100644 index 0000000..e4ad620 --- /dev/null +++ b/tests/security/open_basedir_is_dir.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("is_dir"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_dir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_dir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_dir(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(false) +bool(false) +bool(false) +bool(false) +*** Finished testing open_basedir configuration [is_dir] *** + diff --git a/tests/security/open_basedir_is_executable.phpt b/tests/security/open_basedir_is_executable.phpt new file mode 100644 index 0000000..375d427 --- /dev/null +++ b/tests/security/open_basedir_is_executable.phpt @@ -0,0 +1,59 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("is_executable"); +test_open_basedir_error("is_executable"); + +var_dump(is_executable("ok.txt")); +var_dump(is_executable("../ok/ok.txt")); +var_dump(is_executable($initdir."/test/ok/ok.txt")); +var_dump(is_executable($initdir."/test/ok/../ok/ok.txt")); + +test_open_basedir_after("is_executable"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_executable] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_executable(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_executable(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +*** Finished testing open_basedir configuration [is_executable] *** diff --git a/tests/security/open_basedir_is_file.phpt b/tests/security/open_basedir_is_file.phpt new file mode 100644 index 0000000..51ef0a2 --- /dev/null +++ b/tests/security/open_basedir_is_file.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("is_file"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_file] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_file(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_file(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [is_file] *** + diff --git a/tests/security/open_basedir_is_link.phpt b/tests/security/open_basedir_is_link.phpt new file mode 100644 index 0000000..5d12148 --- /dev/null +++ b/tests/security/open_basedir_is_link.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("is_link"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_link] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_link(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_link(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +*** Finished testing open_basedir configuration [is_link] *** + diff --git a/tests/security/open_basedir_is_readable.phpt b/tests/security/open_basedir_is_readable.phpt new file mode 100644 index 0000000..951a19a --- /dev/null +++ b/tests/security/open_basedir_is_readable.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("is_readable"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_readable] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_readable(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_readable(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [is_readable] *** + diff --git a/tests/security/open_basedir_is_writable.phpt b/tests/security/open_basedir_is_writable.phpt new file mode 100644 index 0000000..25ce1c6 --- /dev/null +++ b/tests/security/open_basedir_is_writable.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("is_writable"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [is_writable] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: is_writable(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: is_writable(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [is_writable] *** + diff --git a/tests/security/open_basedir_link.phpt b/tests/security/open_basedir_link.phpt new file mode 100644 index 0000000..82f97d6 --- /dev/null +++ b/tests/security/open_basedir_link.phpt @@ -0,0 +1,78 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) == 'WIN') { + die('skip no links on Windows'); +} +?> +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("link"); + +$target = ($initdir."/test/ok/ok.txt"); +var_dump(link($target, "../bad/link.txt")); +var_dump(link($target, "../link.txt")); +var_dump(link($target, "../bad/./link.txt")); +var_dump(link($target, "./.././link.txt")); + +$link = ($initdir."/test/ok/link.txt"); +var_dump(link("../bad/bad.txt", $link)); +var_dump(link("../bad", $link)); +var_dump(link("../bad/./bad.txt", $link)); +var_dump(link("../bad/bad.txt", $link)); +var_dump(link("./.././bad", $link)); + +$target = ($initdir."/test/ok/ok.txt"); + +var_dump(link($target, $link)); +var_dump(unlink($link)); +test_open_basedir_after("link"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [link] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad/link.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/link.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad/link.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/link.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: link(): open_basedir restriction in effect. File(%s/test/bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [link] *** + diff --git a/tests/security/open_basedir_linkinfo.phpt b/tests/security/open_basedir_linkinfo.phpt new file mode 100644 index 0000000..f8be453 --- /dev/null +++ b/tests/security/open_basedir_linkinfo.phpt @@ -0,0 +1,65 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) == 'WIN') { + die('skip no symlinks on Windows'); +} +?> +--XFAIL-- +BUG: open_basedir cannot delete symlink to prohibited file. See also +bugs 48111 and 52176. +--FILE-- +<?php +chdir(__DIR__); +ini_set("open_basedir", "."); +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("linkinfo", FALSE); + +chdir($initdir); + +$target = ($initdir."/test/bad/bad.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); +var_dump(symlink($target, $symlink)); + +chdir($initdir."/test/ok"); + +var_dump(linkinfo("symlink.txt")); +var_dump(linkinfo("../ok/symlink.txt")); +var_dump(linkinfo("../ok/./symlink.txt")); +var_dump(linkinfo("./symlink.txt")); +var_dump(linkinfo($initdir."/test/ok/symlink.txt")); + +$target = ($initdir."/test/ok/ok.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); +var_dump(symlink($target, $symlink)); +var_dump(linkinfo($symlink)); +var_dump(unlink($symlink)); + +test_open_basedir_after("linkinfo"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [linkinfo] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +int(%d) +int(%d) +int(%d) +int(%d) +int(%d) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +int(%d) +bool(true) +*** Finished testing open_basedir configuration [linkinfo] *** + diff --git a/tests/security/open_basedir_lstat.phpt b/tests/security/open_basedir_lstat.phpt new file mode 100644 index 0000000..35e5a22 --- /dev/null +++ b/tests/security/open_basedir_lstat.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_array("lstat"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [lstat] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: lstat(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: lstat(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [lstat] *** + diff --git a/tests/security/open_basedir_mkdir.phpt b/tests/security/open_basedir_mkdir.phpt new file mode 100644 index 0000000..9c32d40 --- /dev/null +++ b/tests/security/open_basedir_mkdir.phpt @@ -0,0 +1,52 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) != 'WIN') { + die('skip Windows only variation'); +} +?> +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("mkdir"); + +var_dump(mkdir("../bad/blah")); +var_dump(mkdir("../blah")); +var_dump(mkdir("../bad/./blah")); +var_dump(mkdir("./.././blah")); + +var_dump(mkdir($initdir."/test/ok/blah")); +var_dump(rmdir($initdir."/test/ok/blah")); +test_open_basedir_after("mkdir"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [mkdir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: mkdir(): open_basedir restriction in effect. File(../bad/blah) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: mkdir(): open_basedir restriction in effect. File(../blah) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: mkdir(): open_basedir restriction in effect. File(../bad/./blah) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: mkdir(): open_basedir restriction in effect. File(./.././blah) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [mkdir] *** diff --git a/tests/security/open_basedir_opendir.phpt b/tests/security/open_basedir_opendir.phpt new file mode 100644 index 0000000..774b853 --- /dev/null +++ b/tests/security/open_basedir_opendir.phpt @@ -0,0 +1,73 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("opendir"); +test_open_basedir_error("opendir"); + +var_dump(opendir($initdir."/test/ok/")); +var_dump(opendir($initdir."/test/ok")); +var_dump(opendir($initdir."/test/ok/../ok")); + +test_open_basedir_after("opendir");?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [opendir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: opendir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(../bad): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(../bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(..): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(../): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(/): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(../bad/.): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(%s/test/bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) + +Warning: opendir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: opendir(%s/test/bad/../bad/bad.txt): failed to open dir: %s in %s on line %d +bool(false) +resource(%d) of type (stream) +resource(%d) of type (stream) +resource(%d) of type (stream) +*** Finished testing open_basedir configuration [opendir] *** + diff --git a/tests/security/open_basedir_parse_ini_file.phpt b/tests/security/open_basedir_parse_ini_file.phpt new file mode 100644 index 0000000..d69adeb --- /dev/null +++ b/tests/security/open_basedir_parse_ini_file.phpt @@ -0,0 +1,75 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) != 'WIN') { + die('skip Windows only variation'); +} +?> +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_before("parse_ini_file"); +$directory = dirname(__FILE__); + +var_dump(parse_ini_file("../bad")); +var_dump(parse_ini_file("../bad/bad.txt")); +var_dump(parse_ini_file("..")); +var_dump(parse_ini_file("../")); +var_dump(parse_ini_file("../bad/.")); +var_dump(parse_ini_file("../bad/./bad.txt")); +var_dump(parse_ini_file("./../.")); + +test_open_basedir_after("parse_ini_file"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [parse_ini_file] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest\bad) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 6 + +Warning: parse_ini_file(%stest\bad): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 6 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest\bad\bad.txt) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 7 + +Warning: parse_ini_file(%stest\bad\bad.txt): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 7 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 8 + +Warning: parse_ini_file(%stest): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 8 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 9 + +Warning: parse_ini_file(%stest): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 9 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest\bad) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 10 + +Warning: parse_ini_file(%stest\bad): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 10 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest\bad\bad.txt) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 11 + +Warning: parse_ini_file(%stest\bad\bad.txt): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 11 +bool(false) + +Warning: parse_ini_file(): open_basedir restriction in effect. File(%stest) is not within the allowed path(s): (.) in %sopen_basedir_parse_ini_file.php on line 12 + +Warning: parse_ini_file(%stest): failed to open stream: Operation not permitted in %sopen_basedir_parse_ini_file.php on line 12 +bool(false) +*** Finished testing open_basedir configuration [parse_ini_file] *** + diff --git a/tests/security/open_basedir_readlink.phpt b/tests/security/open_basedir_readlink.phpt new file mode 100644 index 0000000..b102ee9 --- /dev/null +++ b/tests/security/open_basedir_readlink.phpt @@ -0,0 +1,72 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) == 'WIN') { + die('skip no symlinks on Windows'); +} +?> +--FILE-- +<?php +chdir(__DIR__); +ini_set("open_basedir", "."); +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("readlink", FALSE); + +chdir($initdir); + +$target = ($initdir."/test/bad/bad.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); +var_dump(symlink($target, $symlink)); + +chdir($initdir."/test/ok"); + +var_dump(readlink("symlink.txt")); +var_dump(readlink("../ok/symlink.txt")); +var_dump(readlink("../ok/./symlink.txt")); +var_dump(readlink("./symlink.txt")); +var_dump(readlink($initdir."/test/ok/symlink.txt")); + +$target = ($initdir."/test/ok/ok.txt"); +$symlink = ($initdir."/test/ok/symlink.txt"); +var_dump(symlink($target, $symlink)); +var_dump(readlink($symlink)); + +test_open_basedir_after("readlink"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [readlink] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: readlink(): open_basedir restriction in effect. File(symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: readlink(): open_basedir restriction in effect. File(../ok/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: readlink(): open_basedir restriction in effect. File(../ok/./symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: readlink(): open_basedir restriction in effect. File(./symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: readlink(): open_basedir restriction in effect. File(%s/test/ok/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: readlink(): open_basedir restriction in effect. File(%s/test/ok/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [readlink] *** + diff --git a/tests/security/open_basedir_realpath.phpt b/tests/security/open_basedir_realpath.phpt new file mode 100644 index 0000000..8cae890 --- /dev/null +++ b/tests/security/open_basedir_realpath.phpt @@ -0,0 +1,61 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) != 'WIN') { + die('skip only run on Windows'); +} +?> +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir("realpath"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [realpath] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test\bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test\bad\bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test\bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test\bad\bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test\bad\bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: realpath(): open_basedir restriction in effect. File(%s\test) is not within the allowed path(s): (.) in %s on line %d +bool(false) +string(%d) "%s\test\ok" +string(%d) "%s\test\ok\ok.txt" +string(%d) "%s\test\ok\ok.txt" +string(%d) "%s\test\ok\ok.txt" +string(%d) "%s\test\ok\ok.txt" +*** Finished testing open_basedir configuration [realpath] *** + diff --git a/tests/security/open_basedir_rename.phpt b/tests/security/open_basedir_rename.phpt new file mode 100644 index 0000000..2747093 --- /dev/null +++ b/tests/security/open_basedir_rename.phpt @@ -0,0 +1,47 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("rename"); + +var_dump(rename("../bad/bad.txt", "rename.txt")); +var_dump(rename(".././bad/bad.txt", "rename.txt")); +var_dump(rename("../bad/../bad/bad.txt", "rename.txt")); +var_dump(rename("./.././bad/bad.txt", "rename.txt")); +var_dump(rename($initdir."/test/bad/bad.txt", "rename.txt")); + +test_open_basedir_after("rename"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [rename] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: rename(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rename(): open_basedir restriction in effect. File(.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rename(): open_basedir restriction in effect. File(../bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rename(): open_basedir restriction in effect. File(./.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rename(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [rename] *** + diff --git a/tests/security/open_basedir_rmdir.phpt b/tests/security/open_basedir_rmdir.phpt new file mode 100644 index 0000000..c1d4b6b --- /dev/null +++ b/tests/security/open_basedir_rmdir.phpt @@ -0,0 +1,47 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("rmdir"); + +var_dump(rmdir("../bad")); +var_dump(rmdir(".././bad")); +var_dump(rmdir("../bad/../bad")); +var_dump(rmdir("./.././bad")); +var_dump(rmdir($initdir."/test/bad")); + +test_open_basedir_after("rmdir"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [rmdir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: rmdir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rmdir(): open_basedir restriction in effect. File(.././bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rmdir(): open_basedir restriction in effect. File(../bad/../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rmdir(): open_basedir restriction in effect. File(./.././bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: rmdir(): open_basedir restriction in effect. File(%s/test/bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [rmdir] *** + diff --git a/tests/security/open_basedir_scandir.phpt b/tests/security/open_basedir_scandir.phpt new file mode 100644 index 0000000..caffaa1 --- /dev/null +++ b/tests/security/open_basedir_scandir.phpt @@ -0,0 +1,110 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("scandir"); +test_open_basedir_error("scandir"); + +var_dump(scandir($initdir."/test/ok/")); +var_dump(scandir($initdir."/test/ok")); +var_dump(scandir($initdir."/test/ok/../ok")); + +test_open_basedir_after("scandir");?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [scandir] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: scandir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(../bad): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(../bad/bad.txt): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(..): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(../): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(/): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(../bad/.): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(%s/test/bad/bad.txt): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) + +Warning: scandir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d + +Warning: scandir(%s/test/bad/../bad/bad.txt): failed to open dir: %s in %s on line %d + +Warning: scandir(): (errno 1): %s in %s on line %d +bool(false) +array(3) { + [0]=> + string(1) "." + [1]=> + string(2) ".." + [2]=> + string(6) "ok.txt" +} +array(3) { + [0]=> + string(1) "." + [1]=> + string(2) ".." + [2]=> + string(6) "ok.txt" +} +array(3) { + [0]=> + string(1) "." + [1]=> + string(2) ".." + [2]=> + string(6) "ok.txt" +} +*** Finished testing open_basedir configuration [scandir] *** + diff --git a/tests/security/open_basedir_stat.phpt b/tests/security/open_basedir_stat.phpt new file mode 100644 index 0000000..b80b854 --- /dev/null +++ b/tests/security/open_basedir_stat.phpt @@ -0,0 +1,55 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +test_open_basedir_array("stat"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [stat] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: stat(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: stat(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [stat] *** + diff --git a/tests/security/open_basedir_symlink.phpt b/tests/security/open_basedir_symlink.phpt new file mode 100644 index 0000000..cdc8e7b --- /dev/null +++ b/tests/security/open_basedir_symlink.phpt @@ -0,0 +1,87 @@ +--TEST-- +Test open_basedir configuration +--SKIPIF-- +<?php +if (substr(PHP_OS, 0, 3) == 'WIN') { + die('skip no symlinks on Windows'); +} +?> +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("symlink"); + +$target = ($initdir."/test/ok/ok.txt"); +var_dump(symlink($target, "../bad/symlink.txt")); +var_dump(symlink($target, "../symlink.txt")); +var_dump(symlink($target, "../bad/./symlink.txt")); +var_dump(symlink($target, "./.././symlink.txt")); + +$symlink = ($initdir."/test/ok/symlink.txt"); +var_dump(symlink("../bad/bad.txt", $symlink)); +var_dump(symlink("../bad", $symlink)); +var_dump(symlink("../bad/./bad.txt", $symlink)); +var_dump(symlink("../bad/bad.txt", $symlink)); +var_dump(symlink("./.././bad", $symlink)); + +$target = ($initdir."/test/ok/ok.txt"); + +var_dump(symlink($target, $symlink)); +var_dump(unlink($symlink)); + +var_dump(mkdir("ok2")); +$symlink = ($initdir."/test/ok/ok2/ok.txt"); +var_dump(symlink("../ok.txt", $symlink)); // $target == (dirname($symlink)."/".$target) == ($initdir."/test/ok/ok.txt"); +var_dump(unlink($symlink)); + +test_open_basedir_after("symlink"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [symlink] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/symlink.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: symlink(): open_basedir restriction in effect. File(%s/test/bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [symlink] *** + diff --git a/tests/security/open_basedir_tempnam.phpt b/tests/security/open_basedir_tempnam.phpt new file mode 100644 index 0000000..fd63e29 --- /dev/null +++ b/tests/security/open_basedir_tempnam.phpt @@ -0,0 +1,75 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("tempnam"); + +var_dump(tempnam("../bad", "test")); +var_dump(tempnam("..", "test")); +var_dump(tempnam("../", "test")); +var_dump(tempnam("/", "test")); +var_dump(tempnam("../bad/.", "test")); +var_dump(tempnam("./../.", "test")); +var_dump(tempnam("", "test")); + +//absolute test +$file = tempnam($initdir."/test/ok", "test"); +var_dump($file); +var_dump(unlink($file)); + +//relative test +$file = tempnam(".", "test"); +var_dump($file); +var_dump(unlink($file)); + +$file = tempnam("../ok", "test"); +var_dump($file); +var_dump(unlink($file)); + +test_open_basedir_after("tempnam"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [tempnam] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: tempnam(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: tempnam(): open_basedir restriction in effect. File() is not within the allowed path(s): (.) in %s on line %d +bool(false) +string(%d) "%s" +bool(true) +string(%d) "%s" +bool(true) +string(%d) "%s" +bool(true) +*** Finished testing open_basedir configuration [tempnam] *** + diff --git a/tests/security/open_basedir_touch.phpt b/tests/security/open_basedir_touch.phpt new file mode 100644 index 0000000..3a8aee8 --- /dev/null +++ b/tests/security/open_basedir_touch.phpt @@ -0,0 +1,70 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("touch"); + +var_dump(touch("../bad")); +var_dump(touch("../bad/bad.txt")); +var_dump(touch("..")); +var_dump(touch("../")); +var_dump(touch("/")); +var_dump(touch("../bad/.")); +var_dump(touch("../bad/./bad.txt")); +var_dump(touch("./../.")); + +var_dump(touch($initdir."/test/ok/ok.txt")); +var_dump(touch("./ok.txt")); +var_dump(touch("ok.txt")); +var_dump(touch("../ok/ok.txt")); +var_dump(touch("../ok/./ok.txt")); + +test_open_basedir_after("touch"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [touch] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: touch(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(../bad/./bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: touch(): open_basedir restriction in effect. File(./../.) is not within the allowed path(s): (.) in %s on line %d +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +*** Finished testing open_basedir configuration [touch] *** + diff --git a/tests/security/open_basedir_unlink.phpt b/tests/security/open_basedir_unlink.phpt new file mode 100644 index 0000000..aeedac9 --- /dev/null +++ b/tests/security/open_basedir_unlink.phpt @@ -0,0 +1,47 @@ +--TEST-- +Test open_basedir configuration +--INI-- +open_basedir=. +--FILE-- +<?php +require_once "open_basedir.inc"; +$initdir = getcwd(); +test_open_basedir_before("unlink"); + +var_dump(unlink("../bad/bad.txt")); +var_dump(unlink(".././bad/bad.txt")); +var_dump(unlink("../bad/../bad/bad.txt")); +var_dump(unlink("./.././bad/bad.txt")); +var_dump(unlink($initdir."/test/bad/bad.txt")); + +test_open_basedir_after("unlink"); +?> +--CLEAN-- +<?php +require_once "open_basedir.inc"; +delete_directories(); +?> +--EXPECTF-- +*** Testing open_basedir configuration [unlink] *** +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) + +Warning: unlink(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: unlink(): open_basedir restriction in effect. File(.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: unlink(): open_basedir restriction in effect. File(../bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: unlink(): open_basedir restriction in effect. File(./.././bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) + +Warning: unlink(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d +bool(false) +*** Finished testing open_basedir configuration [unlink] *** + |