forked from moodle/moodle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
filestorage_zip_archive_test.php
86 lines (73 loc) · 2.75 KB
/
filestorage_zip_archive_test.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Unit tests for /lib/filestorage/zip_archive.php.
*
* @package core_files
* @copyright 2020 Université Rennes 2 {@link https://www.univ-rennes2.fr}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
global $CFG;
require_once($CFG->libdir . '/filestorage/zip_archive.php');
/**
* Unit tests for /lib/filestorage/zip_archive.php.
*
* @package core_files
* @copyright 2020 Université Rennes 2 {@link https://www.univ-rennes2.fr}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class filestorage_zip_archive_testcase extends advanced_testcase {
/**
* Test mangle_pathname() method.
*
* @dataProvider pathname_provider
*
* @param string $string Parameter sent to mangle_pathname method.
* @param string $expected Expected return value.
*/
public function test_mangle_pathname($string, $expected) {
$ziparchive = new zip_archive();
$method = new ReflectionMethod('zip_archive', 'mangle_pathname');
$method->setAccessible(true);
$result = $method->invoke($ziparchive, $string);
$this->assertSame($expected, $result);
}
/**
* Provide some tested pathnames and expected results.
*
* @return array Array of tested pathnames and expected results.
*/
public function pathname_provider() {
return [
// Test a string.
['my file.pdf', 'my file.pdf'],
// Test a string with MS separator.
['c:\temp\my file.pdf', 'c:/temp/my file.pdf'],
// Test a string with 2 consecutive dots.
['my file..pdf', 'my file.pdf'],
// Test a string with 3 consecutive dots.
['my file...pdf', 'my file.pdf'],
// Test a string beginning with leading slash.
['/tmp/my file.pdf', 'tmp/my file.pdf'],
// Test some path traversal attacks.
['../../../../../etc/passwd', 'etc/passwd'],
['../', ''],
['.../...//', ''],
['.', ''],
];
}
}