Simplify GD null byte injection tests

These tests actually check that no file with a name containing a NUL is
created by the GD image output functions.  This is superfluous, since
it is sufficient to check that the function failed, and that an
appropriate warning has been raised.

We also add missing nullbyte injection tests.

diff --git a/ext/gd/tests/imagebmp_nullbyte_injection.phpt b/ext/gd/tests/imagebmp_nullbyte_injection.phpt
new file mode 100644 (file)
index 0000000..0b6d184
--- /dev/null
+++ b/ext/gd/tests/imagebmp_nullbyte_injection.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Testing null byte injection in imagebmp
+--SKIPIF--
+<?php
+if(!extension_loaded('gd')) die('skip gd extension not available');
+if (!gd_info()['BMP Support']) die('skip BMP support not available');
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+var_dump(imagebmp($image, "./foo\0bar"));
+?>
+===DONE===
+--EXPECTF--
+Warning: imagebmp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
+bool(false)
+===DONE===

diff --git a/ext/gd/tests/imagegd2_nullbyte_injection.phpt b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
index 4307704ee209c76186675467d50b8af330f968e4..2fc3050421194be444b6720068ed7068458ae3ce 100644 (file)
--- a/ext/gd/tests/imagegd2_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagegd2_nullbyte_injection.phpt
@@ -4,29 +4,11 @@ Testing null byte injection in imagegd2
 <?php
         if(!extension_loaded('gd')){ die('skip gd extension not available'); }
 ?>
---CLEAN--
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
-rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagegd2 TEST\n";
-imagegd2($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagegd2($image, "./foo\0bar"));
+?>
 --EXPECTF--
-imagegd2 TEST
-
 Warning: imagegd2() expects parameter 2 to be a valid path, string given in %s on line %d
-bool(false)
-bool(false)
+NULL

diff --git a/ext/gd/tests/imagegd_nullbyte_injection.phpt b/ext/gd/tests/imagegd_nullbyte_injection.phpt
index f904bbf17446089b8e73c0362acdb07d600fc7d9..f5479a0050638efe06ef342ded505e12f436f949 100644 (file)
--- a/ext/gd/tests/imagegd_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagegd_nullbyte_injection.phpt
@@ -4,30 +4,11 @@ Testing null byte injection in imagegd
 <?php
         if(!extension_loaded('gd')){ die('skip gd extension not available'); }
 ?>
---CLEAN--
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
-rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagegd TEST\n";
-imagegd($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagegd($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagegd TEST
-
 Warning: imagegd() expects parameter 2 to be a valid path, string given in %s on line %d
-bool(false)
-bool(false)
+NULL

diff --git a/ext/gd/tests/imagegif_nullbyte_injection.phpt b/ext/gd/tests/imagegif_nullbyte_injection.phpt
index 0f3e5b8bad6a95a6e98edcb680fd72e2e3f37ccc..c5acdd489e7cbd5b8b11755300c60dbaa1e17673 100644 (file)
--- a/ext/gd/tests/imagegif_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagegif_nullbyte_injection.phpt
@@ -3,10 +3,6 @@ Testing null byte injection in imagegif
 --SKIPIF--
 <?php
 if(!extension_loaded('gd')){ die('skip gd extension not available'); }
-$support = gd_info();
-if (!isset($support['GIF Create Support']) || $support['GIF Create Support'] === false) {
-       print 'skip gif support not available';
-}
 ?>
 --CLEAN--
 $tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
@@ -15,23 +11,8 @@ rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagegif TEST\n";
-imagegif($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagegif($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagegif TEST
-
 Warning: imagegif(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
 bool(false)
-bool(false)

diff --git a/ext/gd/tests/imagejpeg_nullbyte_injection.phpt b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
index 38eadab4ae21ae44f9ab39b8ae8f1552493fe23f..29cb537c3a664a09a18adddf1a9fa7dc5171c066 100644 (file)
--- a/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagejpeg_nullbyte_injection.phpt
@@ -15,23 +15,8 @@ rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagejpeg TEST\n";
-imagejpeg($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagejpeg($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagejpeg TEST
-
 Warning: imagejpeg(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
 bool(false)
-bool(false)

diff --git a/ext/gd/tests/imagepng_nullbyte_injection.phpt b/ext/gd/tests/imagepng_nullbyte_injection.phpt
index bc9c3403972ba716e1c7c3921108e94ab3b9e447..271d4d5bd3fecfb4baf03e38dce7aa800a07e8ad 100644 (file)
--- a/ext/gd/tests/imagepng_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagepng_nullbyte_injection.phpt
@@ -15,23 +15,8 @@ rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagepng TEST\n";
-imagepng($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagepng($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagepng TEST
-
 Warning: imagepng(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
 bool(false)
-bool(false)

diff --git a/ext/gd/tests/imagewbmp_nullbyte_injection.phpt b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
index 466584f9686492585630b70df5e9e296858b6e11..fc5d238f41ef26258f490b89871ad8ab55ccf225 100644 (file)
--- a/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagewbmp_nullbyte_injection.phpt
@@ -15,23 +15,8 @@ rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagewbmp TEST\n";
-imagewbmp($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagewbmp($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagewbmp TEST
-
 Warning: imagewbmp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
 bool(false)
-bool(false)

diff --git a/ext/gd/tests/imagewebp_nullbyte_injection.phpt b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
index 9d46a2114082ca61a55ec05075a69f7d01ee5565..d778d0a379349454bc02335d6ab5cae9060abc03 100644 (file)
--- a/ext/gd/tests/imagewebp_nullbyte_injection.phpt
+++ b/ext/gd/tests/imagewebp_nullbyte_injection.phpt
@@ -15,23 +15,8 @@ rmdir($tempdir);
 --FILE--
 <?php
 $image = imagecreate(1,1);// 1px image
-
-$tempdir = sprintf("%s/%s", sys_get_temp_dir(), preg_replace("~\.php$~", null, __FILE__));
-if (!is_dir($tempdir)) {
-       mkdir ($tempdir, 0777, true);
-}
-
-$userinput = "1\0"; // from post or get data
-$temp = $tempdir. "/test" . $userinput .".tmp";
-
-echo "\nimagewebp TEST\n";
-imagewebp($image, $temp);
-var_dump(file_exists($tempdir. "/test1"));
-var_dump(file_exists($tempdir. "/test1.tmp"));
+var_dump(imagewebp($image, "./foo\0bar"));
 ?>
 --EXPECTF--
-imagewebp TEST
-
 Warning: imagewebp(): Invalid 2nd parameter, filename must not contain null bytes in %s on line %d
 bool(false)
-bool(false)

diff --git a/ext/gd/tests/imagexbm_nullbyte_injection.phpt b/ext/gd/tests/imagexbm_nullbyte_injection.phpt
new file mode 100644 (file)
index 0000000..b485315
--- /dev/null
+++ b/ext/gd/tests/imagexbm_nullbyte_injection.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Testing null byte injection in imagexbm
+--SKIPIF--
+<?php
+if(!extension_loaded('gd')) die('skip gd extension not available');
+?>
+--FILE--
+<?php
+$image = imagecreate(1,1);// 1px image
+var_dump(imagexbm($image, "./foo\0bar"));
+?>
+===DONE===
+--EXPECTF--
+Warning: imagexbm() expects parameter 2 to be a valid path, string given in %s on line %d
+NULL
+===DONE===