stas Wed Sep 19 00:42:20 2007 UTC
Modified files:
/php-src/ext/iconv/tests iconv-charset-length-cve-2007-4840.phpt
iconv_mime_decode-charset-length-cve-2007-4840.phpt
iconv_mime_decode_headers-charset-length-cve-2007-4840.phpt
iconv_set_encoding-charset-length-cve-2007-4840.phpt
iconv_strlen-charset-length-cve-2007-4840.phpt
iconv_strpos-charset-length-cve-2007-4840.phpt
iconv_strrpos-charset-length-cve-2007-4840.phpt
iconv_substr-charset-length-cve-2007-4783.phpt
Log:
MFB length tests
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/iconv/tests/iconv-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv-charset-length-cve-2007-4840.phpt Wed Sep
19 00:42:20 2007
@@ -0,0 +1,17 @@
+--TEST--
+iconv() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv($a, "b", "test"));
+var_dump(iconv("x", $a, "test"));
+?>
+--EXPECTF--
+
+Warning: iconv(): Charset parameter exceeds the maximum allowed length of %d
characters in %s on line %d
+bool(false)
+
+Warning: iconv(): Charset parameter exceeds the maximum allowed length of %d
characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_mime_decode-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index:
php-src/ext/iconv/tests/iconv_mime_decode-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_mime_decode-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv_mime_decode-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,13 @@
+--TEST--
+iconv_mime_decode() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv_mime_decode("a", null, $a));
+?>
+--EXPECTF--
+
+Warning: iconv_mime_decode(): Charset parameter exceeds the maximum allowed
length of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_mime_decode_headers-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index:
php-src/ext/iconv/tests/iconv_mime_decode_headers-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_mime_decode_headers-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++
php-src/ext/iconv/tests/iconv_mime_decode_headers-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,13 @@
+--TEST--
+iconv_mime_decode_headers() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv_mime_decode_headers("a", null, $a));
+?>
+--EXPECTF--
+
+Warning: iconv_mime_decode_headers(): Charset parameter exceeds the maximum
allowed length of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_set_encoding-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index:
php-src/ext/iconv/tests/iconv_set_encoding-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_set_encoding-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++
php-src/ext/iconv/tests/iconv_set_encoding-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,21 @@
+--TEST--
+iconv_set_encoding() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv_set_encoding("input_encoding", $a));
+var_dump(iconv_set_encoding("output_encoding", $a));
+var_dump(iconv_set_encoding("internal_encoding", $a));
+?>
+--EXPECTF--
+
+Warning: iconv_set_encoding(): Charset parameter exceeds the maximum allowed
length of %d characters in %s on line %d
+bool(false)
+
+Warning: iconv_set_encoding(): Charset parameter exceeds the maximum allowed
length of %d characters in %s on line %d
+bool(false)
+
+Warning: iconv_set_encoding(): Charset parameter exceeds the maximum allowed
length of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_strlen-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/iconv/tests/iconv_strlen-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_strlen-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv_strlen-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,13 @@
+--TEST--
+iconv_strlen() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9791999);
+var_dump(iconv_strlen(1, $a));
+?>
+--EXPECTF--
+
+Warning: iconv_strlen(): Charset parameter exceeds the maximum allowed length
of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_strpos-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/iconv/tests/iconv_strpos-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_strpos-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv_strpos-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,13 @@
+--TEST--
+iconv_strpos() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv_strpos("a", "b", 0, $a));
+?>
+--EXPECTF--
+
+Warning: iconv_strpos(): Charset parameter exceeds the maximum allowed length
of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_strrpos-charset-length-cve-2007-4840.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/iconv/tests/iconv_strrpos-charset-length-cve-2007-4840.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_strrpos-charset-length-cve-2007-4840.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv_strrpos-charset-length-cve-2007-4840.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,13 @@
+--TEST--
+iconv_strrpos() charset parameter length checks (CVE-2007-4840)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat("/", 9000000);
+var_dump(iconv_strrpos("a", "b", $a));
+?>
+--EXPECTF--
+
+Warning: iconv_strrpos(): Charset parameter exceeds the maximum allowed length
of %d characters in %s on line %d
+bool(false)
http://cvs.php.net/viewvc.cgi/php-src/ext/iconv/tests/iconv_substr-charset-length-cve-2007-4783.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/iconv/tests/iconv_substr-charset-length-cve-2007-4783.phpt
diff -u /dev/null
php-src/ext/iconv/tests/iconv_substr-charset-length-cve-2007-4783.phpt:1.2
--- /dev/null Wed Sep 19 00:42:20 2007
+++ php-src/ext/iconv/tests/iconv_substr-charset-length-cve-2007-4783.phpt
Wed Sep 19 00:42:20 2007
@@ -0,0 +1,14 @@
+--TEST--
+iconv_substr() charset parameter length checks (CVE-2007-4783)
+--SKIPIF--
+<?php extension_loaded('iconv') or die('skip iconv extension is not
available'); ?>
+--FILE--
+<?php
+$a = str_repeat('A', 99897);
+$b = str_repeat('/', 2798349);
+var_dump(iconv_substr($a, 0, 1, $b));
+?>
+--EXPECTF--
+
+Warning: iconv_substr(): Charset parameter exceeds the maximum allowed length
of %d characters in %s on line %d
+bool(false)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
