Make tests compatible with libxml2 2.9.12
This version of libxml introduced quite a few changes. Most of them are differences in error reporting, while some also change behavior, e.g. null bytes are no longer supported and xinclude recursion is limited. Closes GH-7030. Closes GH-7046. Co-authored-by: Nikita Popov <nikic@php.net>
Showing
9 changed files
with
150 additions
and
7 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
--TEST-- | ||
Bug #80268 (loadHTML() truncates at NUL bytes) | ||
--SKIPIF-- | ||
<?php | ||
require_once('skipif.inc'); | ||
if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only'); | ||
?> | ||
--FILE-- | ||
<?php | ||
$doc = new DOMDocument; | ||
$doc->loadHTML("<p>foo\0bar</p>"); | ||
$html = $doc->saveHTML(); | ||
var_dump(strpos($html, '<p>foo</p>') !== false); | ||
|
||
file_put_contents(__DIR__ . '/80268.html', "<p>foo\0bar</p>"); | ||
$doc = new DOMDocument; | ||
$doc->loadHTMLFile(__DIR__ . '/80268.html'); | ||
$html = $doc->saveHTML(); | ||
var_dump(strpos($html, '<p>foo</p>') !== false); | ||
?> | ||
--CLEAN-- | ||
<?php | ||
unlink(__DIR__ . '/80268.html'); | ||
?> | ||
--EXPECTF-- | ||
Warning: DOMDocument::loadHTML(): Char 0x0 out of allowed range in Entity, line: 1 in %s on line %d | ||
bool(false) | ||
|
||
Warning: DOMDocument::loadHTMLFile(): Char 0x0 out of allowed range in %s on line %d | ||
bool(false) |
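Review bot: Both checks in the --FILE-- section are negative-only: `strpos($html, '<p>foo</p>') !== false` printing `bool(false)` shows the output was not truncated to `<p>foo</p>`, but it would print the same if `saveHTML()` returned an empty or otherwise unexpected document. Silent truncation at NUL is what lets an input validator and the parser disagree about the same string, so it is worth pinning the positive outcome as well, for example by also dumping `$html` and matching it in --EXPECTF-- (the exact serialisation is not visible here and has to come from a real run). A one-line comment above the first `loadHTML()` call, such as `// libxml2 >= 2.9.12 reports the NUL as an error instead of silently truncating at it`, would also explain why `bool(false)` is the passing result.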
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
--TEST-- | ||
Bug #61367: open_basedir bypass in libxml RSHUTDOWN: read test | ||
--SKIPIF-- | ||
<?php | ||
if(!extension_loaded('dom')) echo 'skip dom extension not available'; | ||
if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only'); | ||
?> | ||
--INI-- | ||
open_basedir=. | ||
--FILE-- | ||
<?php | ||
/* | ||
* Note: Using error_reporting=E_ALL & ~E_NOTICE to suppress "Trying to get property of non-object" notices. | ||
*/ | ||
class StreamExploiter { | ||
public function stream_close ( ) { | ||
$doc = new DOMDocument; | ||
$doc->resolveExternals = true; | ||
$doc->substituteEntities = true; | ||
$dir = htmlspecialchars(dirname(getcwd())); | ||
$dir = str_replace('\\', '/', $dir); // fix for windows | ||
$doc->loadXML( <<<XML | ||
<!DOCTYPE doc [ | ||
<!ENTITY file SYSTEM "file:///$dir/bad"> | ||
]> | ||
<doc>&file;</doc> | ||
XML | ||
); | ||
print $doc->documentElement->firstChild->nodeValue; | ||
} | ||
|
||
public function stream_open ( $path , $mode , $options , &$opened_path ) { | ||
return true; | ||
} | ||
} | ||
|
||
var_dump(mkdir('test_bug_61367-read')); | ||
var_dump(mkdir('test_bug_61367-read/base')); | ||
var_dump(file_put_contents('test_bug_61367-read/bad', 'blah')); | ||
var_dump(chdir('test_bug_61367-read/base')); | ||
|
||
stream_wrapper_register( 'exploit', 'StreamExploiter' ); | ||
$s = fopen( 'exploit://', 'r' ); | ||
|
||
?> | ||
--CLEAN-- | ||
<?php | ||
unlink('test_bug_61367-read/bad'); | ||
rmdir('test_bug_61367-read/base'); | ||
rmdir('test_bug_61367-read'); | ||
?> | ||
--EXPECTF-- | ||
bool(true) | ||
bool(true) | ||
int(4) | ||
bool(true) | ||
|
||
Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file:///%s/test_bug_61367-read/bad" in %s on line %d | ||
|
||
Warning: Attempt to read property "nodeValue" on null in %s on line %d |
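Review bot: The block comment at the top of the --FILE-- section is stale: it says error_reporting is set to `E_ALL & ~E_NOTICE` to hide a "Trying to get property of non-object" notice, but --INI-- only sets `open_basedir=.` and --EXPECTF-- matches `Warning: Attempt to read property "nodeValue" on null`. I would replace it with a comment stating what the test guards, e.g. `/* stream_close() is never called explicitly, so it presumably runs at request shutdown; open_basedir must still refuse the entity outside the base dir, so "blah" must never be printed. */`. In --SKIPIF--, the dom check uses `echo` while the libxml check uses `die`, so a missing dom extension still falls through to the `LIBXML_VERSION` comparison; `die('skip dom extension not available');` would keep the two checks consistent.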
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
--TEST-- | ||
libxml_disable_entity_loader() | ||
--SKIPIF-- | ||
<?php | ||
if (!extension_loaded('libxml')) die('skip libxml extension not available'); | ||
if (!extension_loaded('dom')) die('skip dom extension not available'); | ||
if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only'); | ||
--FILE-- | ||
<?php | ||
|
||
$xml = <<<EOT | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<!DOCTYPE test [<!ENTITY xxe SYSTEM "XXE_URI">]> | ||
<foo>&xxe;</foo> | ||
EOT; | ||
|
||
$dir = str_replace('\\', '/', __DIR__); | ||
$xml = str_replace('XXE_URI', $dir . '/libxml_disable_entity_loader_payload.txt', $xml); | ||
|
||
function parseXML($xml) { | ||
$doc = new DOMDocument(); | ||
$doc->resolveExternals = true; | ||
$doc->substituteEntities = true; | ||
$doc->validateOnParse = false; | ||
$doc->loadXML($xml, 0); | ||
return $doc->saveXML(); | ||
} | ||
|
||
var_dump(strpos(parseXML($xml), 'SECRET_DATA') !== false); | ||
var_dump(libxml_disable_entity_loader(true)); | ||
var_dump(strpos(parseXML($xml), 'SECRET_DATA') === false); | ||
|
||
echo "Done\n"; | ||
?> | ||
--EXPECTF-- | ||
bool(true) | ||
|
||
Deprecated: Function libxml_disable_entity_loader() is deprecated in %s on line %d | ||
bool(false) | ||
|
||
Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "%s" in %s on line %d | ||
bool(true) | ||
Done |
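Review bot: The test depends on `libxml_disable_entity_loader_payload.txt` sitting next to it and containing `SECRET_DATA`, but nothing in this file says so and the fixture is not visible in this section. A comment above the `str_replace('XXE_URI', ...)` line, e.g. `// fixture must contain SECRET_DATA; the first parse is expected to expand it, the second must not`, would make the two `var_dump` expectations readable without opening the fixture. The --SKIPIF-- block is also missing its closing `?>` before --FILE--, unlike the other two test files shown here; adding it keeps the sections uniform.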