authorSimon Wisselink <s.wisselink@iwink.nl>2021-01-24 23:44:07 +0100
committerSimon Wisselink <s.wisselink@iwink.nl>2021-01-24 23:44:07 +0100
commit165f1bd4d2eec328cfeaca517a725b46001de838 (patch)
tree15037dafac8545ab83207c5e7913c3d39c179607 /tests/UnitTests
parentfedc1270574cf722d9d7462534e0a7c11b03d3b7 (diff)
Fixed Code injection vulnerability by using illegal function names
Diffstat (limited to 'tests/UnitTests')
-rw-r--r--tests/UnitTests/TemplateSource/TagTests/TemplateFunction/CompileFunctionTest.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/tests/UnitTests/TemplateSource/TagTests/TemplateFunction/CompileFunctionTest.php b/tests/UnitTests/TemplateSource/TagTests/TemplateFunction/CompileFunctionTest.php
index d2be82ca..6c902a68 100644
--- a/tests/UnitTests/TemplateSource/TagTests/TemplateFunction/CompileFunctionTest.php
+++ b/tests/UnitTests/TemplateSource/TagTests/TemplateFunction/CompileFunctionTest.php
@@ -431,5 +431,14 @@ class CompileFunctionTest extends PHPUnit_Smarty
array("{function name=simple}A{\$foo}\nC{/function}{call name='simple'}", "Abar\nC", 'T14', $i++),
array("{function name=simple}A\n{\$foo}\nC{/function}{call name='simple'}", "A\nbar\nC", 'T15', $i++),
);
- }
+ }
+
+ /**
+ * Test handling of function names that are a security risk
+ */
+ public function testIllegalFunctionName() {
+ $this->expectException(SmartyCompilerException::class);
+ $this->smarty->fetch('string:{function name=\'rce(){};echo "hi";function \'}{/function}');
+ }
+
}
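Review bot: testIllegalFunctionName only expects SmartyCompilerException, so any compile failure of this template string satisfies it, not specifically the rejection of the function name. Pinning the reason, e.g. `$this->expectExceptionMessage('<text of the compiler illegal-name error>');` (placeholder; the message is not visible in this diff), would keep the test from passing if the name check were later removed and the template failed for an unrelated reason. The test also exercises a single name; a data provider with a few more names outside plain identifier characters would give broader regression coverage, and since the fix itself lies outside tests/UnitTests its validation rule cannot be confirmed from here. The enclosing class starts outside the hunk.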