diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
commit | 1221c736f9a90756d47ea6d28320b6b83602dd2a (patch) | |
tree | b453ba7b1393205258c9b098a773b4330984672f /debian/perl-framework/t/security/CVE-2004-0958.t | |
parent | Adding upstream version 2.4.38. (diff) | |
download | apache2-debian/2.4.38-3+deb10u8.tar.xz apache2-debian/2.4.38-3+deb10u8.zip |
Adding debian version 2.4.38-3+deb10u8.debian/2.4.38-3+deb10u8debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/perl-framework/t/security/CVE-2004-0958.t')
-rw-r--r-- | debian/perl-framework/t/security/CVE-2004-0958.t | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/debian/perl-framework/t/security/CVE-2004-0958.t b/debian/perl-framework/t/security/CVE-2004-0958.t new file mode 100644 index 0000000..87e8d39 --- /dev/null +++ b/debian/perl-framework/t/security/CVE-2004-0958.t @@ -0,0 +1,37 @@ +use strict; +use warnings FATAL => 'all'; + +use Apache::Test; +use Apache::TestUtil; +use Apache::TestRequest; + +my %queries = +( + + "foo[bar=1" => qr/\[foo_bar\] => 1\n/, + "foo bar=2" => qr/\[foo_bar\] => 2\n/, + "foo. .bar=3" => qr/\[foo___bar\] => 3\n/, + "foobar[=3" => qr/\[foobar_\] => 3\n/, + + "foo[g][=1" => qr/\[g\] => 1\n/, # corruption pre-5.0.2/4.3.9 + "foo[][=2" => qr/\[0\] => 2\n/, # segfault in 5.0.2/4.3.9 + + "foo[][[[[[=3" => qr/\[0\] => 3\n/, + "foo[][][][][]=5" => qr/\[0\] => 5\n/, + + "foo[j]bar=6" => qr/\[j\] => 6\n/, + + +### tests which have dubious results currently: +# "foo[[[[[[[h]=4" => qr/\[0\] => 4\n/, +# "foo[ ]=7" => qr/\[baz\] => 7\n/, +# "foo[ ]=7" => qr/\[baz\] => 7\n/, + + ); + +plan tests => (keys %queries) * 1, need_php; + +foreach (keys %queries) { + my $actual = GET_BODY "/security/CAN-2004-0958.php?".$_; + ok t_cmp($actual, $queries{$_}, "query for $_"); +} |