Adjust or fork tests for libxml 2.9.12

nikic · nikic · commit 2363825afcff · 2021-05-26T10:08:09.000+02:00
diff --git a/ext/dom/tests/bug43364.phpt b/ext/dom/tests/bug43364.phpt
@@ -36,7 +36,7 @@ $doc->xinclude();
 
 $count = loopElements(array($doc->documentElement));
 
-var_dump($count);
+var_dump($count == 13 || $count == 11);
 ?>
 --EXPECT--
-int(13)
+bool(true)
diff --git a/ext/dom/tests/bug80268.phpt b/ext/dom/tests/bug80268.phpt
@@ -2,6 +2,10 @@
 Bug #80268 (loadHTML() truncates at NUL bytes)
 --EXTENSIONS--
 dom
+--SKIPIF--
+<?php
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
+?>
 --FILE--
 <?php
 $doc = new DOMDocument;
diff --git a/ext/dom/tests/bug80268_2.phpt b/ext/dom/tests/bug80268_2.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Bug #80268 (loadHTML() truncates at NUL bytes)
+--EXTENSIONS--
+dom
+--SKIPIF--
+<?php
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+?>
+--FILE--
+<?php
+$doc = new DOMDocument;
+$doc->loadHTML("<p>foo\0bar</p>");
+$html = $doc->saveHTML();
+var_dump(strpos($html, '<p>foo</p>') !== false);
+
+file_put_contents(__DIR__ . '/80268.html', "<p>foo\0bar</p>");
+$doc = new DOMDocument;
+$doc->loadHTMLFile(__DIR__ . '/80268.html');
+$html = $doc->saveHTML();
+var_dump(strpos($html, '<p>foo</p>') !== false);
+?>
+--CLEAN--
+<?php
+unlink(__DIR__ . '/80268.html');
+?>
+--EXPECTF--
+Warning: DOMDocument::loadHTML(): Char 0x0 out of allowed range in Entity, line: 1 in %s on line %d
+bool(false)
+
+Warning: DOMDocument::loadHTMLFile(): Char 0x0 out of allowed range in %s on line %d
+bool(false)
diff --git a/ext/libxml/tests/bug61367-read.phpt b/ext/libxml/tests/bug61367-read.phpt
@@ -1,7 +1,10 @@
 --TEST--
 Bug #61367: open_basedir bypass in libxml RSHUTDOWN: read test
 --SKIPIF--
-<?php if(!extension_loaded('dom')) echo 'skip dom extension not available'; ?>
+<?php
+if(!extension_loaded('dom')) echo 'skip dom extension not available';
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
+?>
 --INI--
 open_basedir=.
 --FILE--
diff --git a/ext/libxml/tests/bug61367-read_2.phpt b/ext/libxml/tests/bug61367-read_2.phpt
@@ -0,0 +1,60 @@
+--TEST--
+Bug #61367: open_basedir bypass in libxml RSHUTDOWN: read test
+--SKIPIF--
+<?php
+if(!extension_loaded('dom')) echo 'skip dom extension not available';
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+?>
+--INI--
+open_basedir=.
+--FILE--
+<?php
+/*
+ * Note: Using error_reporting=E_ALL & ~E_NOTICE to suppress "Trying to get property of non-object" notices.
+ */
+class StreamExploiter {
+    public function stream_close (  ) {
+        $doc = new DOMDocument;
+        $doc->resolveExternals = true;
+        $doc->substituteEntities = true;
+        $dir = htmlspecialchars(dirname(getcwd()));
+        $dir = str_replace('\\', '/', $dir); // fix for windows
+        $doc->loadXML( <<<XML
+<!DOCTYPE doc [
+    <!ENTITY file SYSTEM "file:///$dir/bad">
+]>
+<doc>&file;</doc>
+XML
+        );
+        print $doc->documentElement->firstChild->nodeValue;
+    }
+
+    public function stream_open (  $path ,  $mode ,  $options ,  &$opened_path ) {
+        return true;
+    }
+}
+
+var_dump(mkdir('test_bug_61367-read'));
+var_dump(mkdir('test_bug_61367-read/base'));
+var_dump(file_put_contents('test_bug_61367-read/bad', 'blah'));
+var_dump(chdir('test_bug_61367-read/base'));
+
+stream_wrapper_register( 'exploit', 'StreamExploiter' );
+$s = fopen( 'exploit://', 'r' );
+
+?>
+--CLEAN--
+<?php
+unlink('test_bug_61367-read/bad');
+rmdir('test_bug_61367-read/base');
+rmdir('test_bug_61367-read');
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+int(4)
+bool(true)
+
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file:///%s/test_bug_61367-read/bad" in %s on line %d
+
+Warning: Attempt to read property "nodeValue" on null in %s on line %d
diff --git a/ext/libxml/tests/libxml_disable_entity_loader.phpt b/ext/libxml/tests/libxml_disable_entity_loader.phpt
@@ -4,6 +4,7 @@ libxml_disable_entity_loader()
 <?php
 if (!extension_loaded('libxml')) die('skip libxml extension not available');
 if (!extension_loaded('dom')) die('skip dom extension not available');
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
 --FILE--
 <?php
 
@@ -37,10 +38,6 @@ bool(true)
 Deprecated: Function libxml_disable_entity_loader() is deprecated in %s on line %d
 bool(false)
 
-Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "%s" in %s on line %d
-
-Warning: DOMDocument::loadXML(): Failure to process entity xxe in Entity, line: %d in %s on line %d
-
-Warning: DOMDocument::loadXML(): Entity 'xxe' not defined in Entity, line: %d in %s on line %d
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "/home/nikic/php/php-src/ext/libxml/tests/libxml_disable_entity_loader_payload.txt" in %s on line %d
 bool(true)
 Done
diff --git a/ext/libxml/tests/libxml_disable_entity_loader_2.phpt b/ext/libxml/tests/libxml_disable_entity_loader_2.phpt
@@ -0,0 +1,43 @@
+--TEST--
+libxml_disable_entity_loader()
+--SKIPIF--
+<?php
+if (!extension_loaded('libxml')) die('skip libxml extension not available');
+if (!extension_loaded('dom')) die('skip dom extension not available');
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+--FILE--
+<?php
+
+$xml = <<<EOT
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE test [<!ENTITY xxe SYSTEM "XXE_URI">]>
+<foo>&xxe;</foo>
+EOT;
+
+$dir = str_replace('\\', '/', __DIR__);
+$xml = str_replace('XXE_URI', $dir . '/libxml_disable_entity_loader_payload.txt', $xml);
+
+function parseXML($xml) {
+  $doc = new DOMDocument();
+  $doc->resolveExternals = true;
+  $doc->substituteEntities = true;
+  $doc->validateOnParse = false;
+  $doc->loadXML($xml, 0);
+  return $doc->saveXML();
+}
+
+var_dump(strpos(parseXML($xml), 'SECRET_DATA') !== false);
+var_dump(libxml_disable_entity_loader(true));
+var_dump(strpos(parseXML($xml), 'SECRET_DATA') === false);
+
+echo "Done\n";
+?>
+--EXPECTF--
+bool(true)
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s on line %d
+bool(false)
+
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "/home/nikic/php/php-src/ext/libxml/tests/libxml_disable_entity_loader_payload.txt" in %s on line %d
+bool(true)
+Done
