summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/htdocs/php/safemode
diff options
context:
space:
mode:
Diffstat (limited to 'debian/perl-framework/t/htdocs/php/safemode')
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/badenv.php2
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/error/mail.php9
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/hello.txt1
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/noexec/system.php1
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/nofile/readfile.php1
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/protected.php2
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/putenv.php2
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/readfile.php1
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/readpass.php1
-rw-r--r--debian/perl-framework/t/htdocs/php/safemode/system.php2
10 files changed, 22 insertions, 0 deletions
diff --git a/debian/perl-framework/t/htdocs/php/safemode/badenv.php b/debian/perl-framework/t/htdocs/php/safemode/badenv.php
new file mode 100644
index 0000000..97bcdfa
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/badenv.php
@@ -0,0 +1,2 @@
+<?php putenv("FISH=HelloWorld");
+echo getenv("FISH"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/error/mail.php b/debian/perl-framework/t/htdocs/php/safemode/error/mail.php
new file mode 100644
index 0000000..cb6fdaa
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/error/mail.php
@@ -0,0 +1,9 @@
+<?php
+// fix for CAN-2002-0985: mail() must reject 5th argument in safe mode
+if (mail("root@localhost", "httpd-test PHP mail",
+ "test mail from httpd-test", "", "-C/etc/passwd")) {
+ print("FAIL");
+} else {
+ print("OK");
+}
+?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/hello.txt b/debian/perl-framework/t/htdocs/php/safemode/hello.txt
new file mode 100644
index 0000000..39aaa32
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/hello.txt
@@ -0,0 +1 @@
+This is Content.
diff --git a/debian/perl-framework/t/htdocs/php/safemode/noexec/system.php b/debian/perl-framework/t/htdocs/php/safemode/noexec/system.php
new file mode 100644
index 0000000..5a224c9
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/noexec/system.php
@@ -0,0 +1 @@
+<?php system("/bin/ls /"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/nofile/readfile.php b/debian/perl-framework/t/htdocs/php/safemode/nofile/readfile.php
new file mode 100644
index 0000000..bc2c731
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/nofile/readfile.php
@@ -0,0 +1 @@
+<?php readfile("../hello.txt"); ?> \ No newline at end of file
diff --git a/debian/perl-framework/t/htdocs/php/safemode/protected.php b/debian/perl-framework/t/htdocs/php/safemode/protected.php
new file mode 100644
index 0000000..3f8b64a
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/protected.php
@@ -0,0 +1,2 @@
+<?php putenv("FOO_FEE=HelloWorld");
+echo getenv("FOO_FEE"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/putenv.php b/debian/perl-framework/t/htdocs/php/safemode/putenv.php
new file mode 100644
index 0000000..575e7f7
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/putenv.php
@@ -0,0 +1,2 @@
+<?php putenv("FOO_BAR=HelloWorld");
+echo getenv("FOO_BAR"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/readfile.php b/debian/perl-framework/t/htdocs/php/safemode/readfile.php
new file mode 100644
index 0000000..60eda17
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/readfile.php
@@ -0,0 +1 @@
+<?php readfile("hello.txt"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/readpass.php b/debian/perl-framework/t/htdocs/php/safemode/readpass.php
new file mode 100644
index 0000000..e983308
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/readpass.php
@@ -0,0 +1 @@
+<?php readfile("/etc/passwd"); ?>
diff --git a/debian/perl-framework/t/htdocs/php/safemode/system.php b/debian/perl-framework/t/htdocs/php/safemode/system.php
new file mode 100644
index 0000000..62be01a
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/php/safemode/system.php
@@ -0,0 +1,2 @@
+<?php system("printf HelloWorld"); ?>
+