Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-01-06 17:13:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '18.0' of git@github.com:Dolibarr/dolibarr.git into 19.0

Browse Source
This commit is contained in:
ldestailleur
2025-09-04 20:47:13 +02:00
parent 258fe1124b 01aa901f93
commit 781adf507b
5 changed files with 133 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
test/phpunit/SecurityTest.php
View File

@@ -608,6 +608,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$this->assertEquals($resultexpected, $result, 'Test on param0');
$result=GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
print __METHOD__." result for param15=".$result."\n";
//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b'); // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
//$this->assertEquals('<img onerror> src=&gt;0xbeefed', $result, 'Test 15b'); // ... on other PHP and libxml versions, we got a HTML that has been cleaned
@@ -852,7 +853,8 @@ class SecurityTest extends PHPUnit\Framework\TestCase
{
$stringtotest = 'eée';
$decodedstring = dol_string_onlythesehtmlattributes($stringtotest);
$this->assertEquals('e&eacute;e', $decodedstring, 'Function did not sanitize correclty with test 1');
//$this->assertEquals('e&eacute;e', $decodedstring, 'Function did not sanitize correctly with test 1');
$this->assertEquals('eée', $decodedstring, 'Function did not sanitize correctly with test 1');
$stringtotest = '<div onload="ee"><a href="123"><span class="abc">abc</span></a></div>';
$decodedstring = dol_string_onlythesehtmlattributes($stringtotest);
@@ -1119,6 +1121,22 @@ class SecurityTest extends PHPUnit\Framework\TestCase
print "result6 = ".$result."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', $result);
$result = dol_eval('json_encode(array_map(implode("",["ex","ec"]), ["id"]))', 1, 1, '1'); // result of dol_eval may be an object Closure
print "result4a = ".json_encode($result)."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result), 'The string was not detected as evil, it should due to the [ char and method "2"');
$result = dol_eval('json_encode(array_map(implode("",["ex","ec"]), ["id"]))', 1, 1, '2'); // result of dol_eval may be an object Closure
print "result4b = ".json_encode($result)."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result), 'The string was not detected as evil, it should due to the use of array_map');
$result = dol_eval('json_encode(array_map(implode("",array("ex","ec"), array("id")))', 1, 1, '1'); // result of dol_eval may be an object Closure
print "result4c = ".json_encode($result)."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result), 'The string was not detected as evil, it should due to the use of array_map');
$result = dol_eval('$a=function() { }; $a', 1, 1, '0'); // result of dol_eval may be an object Closure
print "result5 = ".json_encode($result)."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', json_encode($result), 'The string was not detected as evil');
$result = (string) dol_eval('$a=exec("ls");', 1, 1);
print "result7 = ".$result."\n";
$this->assertStringContainsString('Bad string syntax to evaluate', $result);