svn commit: r521756 - in /perl/modperl/branches/1.x/t: conf/httpd.conf.pl modules/regex.t

[geoff]

Author: geoff
Date: Fri Mar 23 08:11:02 2007
New Revision: 521756

URL: http://svn.apache.org/viewvc?view=rev&rev=521756
Log:
test for extended regex quoting


Added:
    perl/modperl/branches/1.x/t/modules/regex.t
Modified:
    perl/modperl/branches/1.x/t/conf/httpd.conf.pl

Modified: perl/modperl/branches/1.x/t/conf/httpd.conf.pl
URL: 
http://svn.apache.org/viewvc/perl/modperl/branches/1.x/t/conf/httpd.conf.pl?view=diff&rev=521756&r1=521755&r2=521756
==============================================================================
--- perl/modperl/branches/1.x/t/conf/httpd.conf.pl (original)
+++ perl/modperl/branches/1.x/t/conf/httpd.conf.pl Fri Mar 23 08:11:02 2007
@@ -120,7 +120,7 @@
 
 push @AddType, ["text/x-server-parsed-html" => ".shtml"];
  
-for (qw(/perl /cgi-bin /dirty-perl /perl_xs)) {
+for (qw(/perl /cgi-bin /dirty-perl /perl_xs /ng-perl)) {
     push @Alias, [$_ => "$dir/net/perl/"];
 }
 
@@ -137,6 +137,13 @@
 $Location{"/dirty-perl"} = { 
     SetHandler => "perl-script",
     PerlHandler => "Apache::PerlRun",
+    Options => "+ExecCGI ",
+    PerlSendHeader => "On",
+};
+
+$Location{"/ng-perl"} = { 
+    SetHandler => "perl-script",
+    PerlHandler => "Apache::RegistryNG",
     Options => "+ExecCGI ",
     PerlSendHeader => "On",
 };

Added: perl/modperl/branches/1.x/t/modules/regex.t
URL: 
http://svn.apache.org/viewvc/perl/modperl/branches/1.x/t/modules/regex.t?view=auto&rev=521756
==============================================================================
--- perl/modperl/branches/1.x/t/modules/regex.t (added)
+++ perl/modperl/branches/1.x/t/modules/regex.t Fri Mar 23 08:11:02 2007
@@ -0,0 +1,35 @@
+
+# extended regex quoting
+# CVE-2007-1349
+
+use Apache::testold;
+
+skip_test unless have_module "CGI";
+
+$ua = new LWP::UserAgent;
+
+my $tests = 4; 
+my $test_mod_cgi = 0;
+unless($net::callback_hooks{USE_DSO}) { 
+  #XXX: hrm, fails under dso?!? 
+    $tests++; 
+    $test_mod_cgi = 1;
+} 
+
+my $i = $tests;
+
+print "1..$tests\nok 1\n";
+
+print "# Apache::Registry\n";
+print fetch($ua, "http://$net::httpserver/perl/cgi.pl/(yikes?PARAM=2");
+
+print "# Apache::PerlRun\n";
+print fetch($ua, "http://$net::httpserver/dirty-perl/cgi.pl/(yikes?PARAM=3");
+
+print "# Apache::RegistryNG\n";
+print fetch($ua, "http://$net::httpserver/ng-perl/cgi.pl/(yikes?PARAM=4");
+
+if($test_mod_cgi) { 
+    print "# mod_cgi\n";
+    print fetch($ua, "http://$net::httpserver/cgi-bin/cgi.pl/(yikes?PARAM=5");
+}