jorton 2004/10/19 07:24:31
Added: perl-framework/t/security CAN-2004-0958.t perl-framework/t/htdocs/security CAN-2004-0958.php Log: Add tests for PHP variable handling issues silently fixed in 5.0.2/4.3.9 along with the segfault introduced in same. Revision Changes Path 1.1 httpd-test/perl-framework/t/security/CAN-2004-0958.t Index: CAN-2004-0958.t =================================================================== use strict; use warnings FATAL => 'all'; use Apache::Test; use Apache::TestUtil; use Apache::TestRequest; my %queries = ( "foo[bar=1" => qr/\[foo_bar\] => 1\n/, "foo bar=2" => qr/\[foo_bar\] => 2\n/, "foo. .bar=3" => qr/\[foo___bar\] => 3\n/, "foobar[=3" => qr/\[foobar_\] => 4\n/, "foo[g][=1" => qr/\[g\] => 1\n/, # corruption pre-5.0.2/4.3.9 "foo[][=2" => qr/\[0\] => 2\n/, # segfault in 5.0.2/4.3.9 "foo[][[[[[=3" => qr/\[0\] => 3\n/, "foo[[[[[[[h]=4" => qr/\[0\] => 4\n/, "foo[][][][][]=5" => qr/\[0\] => 5\n/, "foo[j]bar=6" => qr/\[j\] => 6\n/, "foo[ ]=7" => qr/\[baz\] => 7\n/, "foo[ ]=7" => qr/\[baz\] => 7\n/, ); plan tests => (keys %queries) * 1, need_php; foreach (keys %queries) { my $actual = GET_BODY "/security/CAN-2004-0958.php?".$_; ok t_cmp($actual, $queries{$_}); } 1.1 httpd-test/perl-framework/t/htdocs/security/CAN-2004-0958.php Index: CAN-2004-0958.php =================================================================== <? print_r($_REQUEST); ?>