Accueil Explorer Aide
Connexion
bachir
/
popsu-d9
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 8bb1064a3b
Branches Tags
popsu-d9
/
old.vendor
/
pear
/
archive_tar
/
tests
/
dirtraversal.phpt

dirtraversal.phpt 1.0 KB
Historique Raw

123456789101112131415161718192021222324 
  1. --TEST--
    2. 

  2. test directory traversal security vulnerability
    3. 

  3. --SKIPIF--
    4. 

  4. --FILE--
    5. 

  5. <?php
    6. 

  6. require_once dirname(__FILE__) . '/setup.php.inc';
    7. 

  7. $me = dirname(__FILE__) . '/testit';
    8. 

  8. $tar = new Archive_Tar(dirname(__FILE__) . '/hamidTARtester2.tar');
    9. 

  9. $tar->listContent();
    10. 

  10. $phpunit->assertErrors(array(
    11. 

  11.     array('package' => 'PEAR_Error', 'message' => 'Malicious .tar detected, file "/../../../../../../../../../../../../../../AAAAAAAAAAAAAAAAA/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB.txt" will not install in desired directory tree')
    12. 

  12. ), 'after 1');
    13. 

  13. $tar->extract();
    14. 

  14. $phpunit->assertErrors(array(
    15. 

  15.     array('package' => 'PEAR_Error', 'message' => 'Malicious .tar detected, file "/../../../../../../../../../../../../../../AAAAAAAAAAAAAAAAA/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB.txt" will not install in desired directory tree')
    16. 

  16. ), 'after 2');
    17. 

  17. echo 'tests done';
    18. 

  18. ?>
    19. 

  19. --CLEAN--
    20. 

  20. <?php
    21. 

  21. @rmdir('AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa');
    22. 

  22. ?>
    23. 

  23. --EXPECT--
    24. 

  24. tests done
    25.