diff --git a/tests/evil_symlink_win.phpt b/tests/evil_symlink_win.phpt
new file mode 100644
index 0000000..e255692
--- /dev/null
+++ b/tests/evil_symlink_win.phpt
@@ -0,0 +1,24 @@
+--TEST--
+tests extraction of out-of-path symlink with a windows path
+--SKIPIF--
+--FILE--
+extract($extract_target);
+// On Windows dirname() will have used backslashes but the error messages do not.
+$extract_target = str_replace('\\', '/', $extract_target);
+$phpunit->assertErrors(array(array('package' => 'PEAR_Error', 'message' => 'Out-of-path file extraction {' . $extract_target . '/evil.txt --> C:\windows\system.ini}')), 'after 1');
+// N.B. file_exists() typically will not detect a broken symbolic link
+$phpunit->assertFalse(is_link($extract_target . '/evil.txt'), 'Out-of-path symlink should not have succeeded');
+echo 'tests done';
+?>
+--CLEAN--
+
+--EXPECT--
+tests done
diff --git a/tests/evil_symlink_win.tar b/tests/evil_symlink_win.tar
new file mode 100644
index 0000000..6fc6fe5
Binary files /dev/null and b/tests/evil_symlink_win.tar differ
diff --git a/tests/out_of_path_relative.phpt b/tests/out_of_path_relative.phpt
new file mode 100644
index 0000000..8cb37d3
--- /dev/null
+++ b/tests/out_of_path_relative.phpt
@@ -0,0 +1,30 @@
+--TEST--
+tests extraction of out-of-path symlink
+--SKIPIF--
+--FILE--
+extract($extract_target);
+// On Windows dirname() will have used backslashes but the error messages do not.
+$extract_target = str_replace('\\', '/', $extract_target);
+$phpunit->assertErrors(array(array('package' => 'PEAR_Error', 'message' => 'Out-of-path file extraction {' . $extract_target . '/five/six/evil.txt --> ../../../../secret.txt}')), 'after 1');
+$phpunit->assertFileNotExists($extract_target . '/five/six/evil.txt', 'Out-of-path symlink should not have succeeded');
+echo 'tests done';
+?>
+--CLEAN--
+
+--EXPECT--
+tests done
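Review bot: In tests/evil_symlink_win.phpt the final assertion checks only `is_link()` on `evil.txt`, so the test still passes if a rejected entry leaves a regular file or directory at that path instead of a link. Pairing it with `$phpunit->assertFileNotExists($extract_target . '/evil.txt', 'Nothing should be created for a rejected entry');` would cover both outcomes, as out_of_path_relative.phpt does for its own path. The opening of the --FILE-- section is not visible on this page, so whether the result of `extract()` is captured cannot be confirmed; if it is discarded, asserting on it would pin the failure path as well.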
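Review bot: In tests/out_of_path_relative.phpt the `assertFileNotExists` check on `five/six/evil.txt` can pass even when the link was created, assuming the helper is built on `file_exists()` and the target `../../../../secret.txt` is absent, because a dangling symlink is reported as missing. The sibling test evil_symlink_win.phpt documents exactly this and uses `is_link()` instead. Adding `$phpunit->assertFalse(is_link($extract_target . '/five/six/evil.txt'), 'Out-of-path symlink should not have succeeded');` keeps the regression test meaningful if the error message assertion is ever relaxed. The --TEST-- title could also say "relative out-of-path symlink" so the two new tests are distinguishable in run output.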
diff --git a/tests/out_of_path_relative.tar b/tests/out_of_path_relative.tar
new file mode 100644
index 0000000..d1beddb
Binary files /dev/null and b/tests/out_of_path_relative.tar differ