open_basedir tests for directory functions

ext/standard/tests/dir/open_basedir.inc

@@ -0,0 +1,133 @@
+<?php
+
+// This file contains helper functions for testing open_basedir configuration
+// Care must be taken with where the directories are created because different
+// SAPIs set the working directory differently. So simply creating a directory
+// relative to the current working directory like this: mkdir("blah") might 
+// actually create it in several different places depending on the SAPI..!
+//
+// Note also depending on the version of php being tested, so the open_basedir
+// configuration may or may not be changeable from a script (PHP_INI_SYSTEM).
+//
+// For this reason we set the open_basedir to . (current directory) and then
+// move around to various directories for testing using chdir(). This is NOT
+// recommended for production use as . bypasses all semblence of security..!
+//
+// Although safe mode has been removed in php 6.0, open_basedir is still valid.
+//      See http://www.php.net/features.safe-mode for more information
+
+function recursive_delete_directory($directory) {
+
+    // Remove any trailing slash first
+    if (substr($directory, -1) == '/') {
+        $directory = substr($directory, 0, -1);
+    }
+
+    // Make sure the directory is valid
+    if (is_dir($directory) == FALSE) {
+        return FALSE;
+    } 
+
+    // Check we can access the directory
+    if (is_readable($directory) == FALSE) {
+        return FALSE;
+    }
+
+    $handle = opendir($directory);
+
+    // Scan through the directory contents
+    while (FALSE !== ($item = readdir($handle))) {
+        if ($item != '.') {
+             if ($item != '..') {
+                $path = ($directory.'/'.$item);
+                if (is_dir($path) == TRUE) {
+                    recursive_delete_directory($path);
+                } else {
+					@chmod($path, 0777);
+                    unlink($path);
+                }
+            }
+        }
+    }
+
+    closedir($handle);
+	@chmod($directory, 0777);
+    rmdir($directory);
+
+    return TRUE;
+}
+
+function create_directories() {
+    delete_directories();
+    $directory = dirname(__FILE__);
+
+    var_dump(mkdir($directory."/test"));
+    var_dump(mkdir($directory."/test/ok"));
+    var_dump(mkdir($directory."/test/bad"));
+    file_put_contents($directory."/test/ok/ok.txt", "Hello World!");
+    file_put_contents($directory."/test/bad/bad.txt", "Hello World!");
+}
+
+function delete_directories() {
+    $directory = (dirname(__FILE__)."/test");
+    recursive_delete_directory($directory);
+}
+
+function test_open_basedir_error($function) {
+    var_dump($function("../bad"));
+    var_dump($function("../bad/bad.txt"));
+    var_dump($function(".."));
+    var_dump($function("../"));
+    var_dump($function("/"));
+    var_dump($function("../bad/."));
+    $directory = dirname(__FILE__);
+    var_dump($function($directory."/test/bad/bad.txt"));
+    var_dump($function($directory."/test/bad/../bad/bad.txt"));
+}
+
+function test_open_basedir_before($function, $change = TRUE) {
+    echo "*** Testing open_basedir configuration [$function] ***\n";
+    $directory = dirname(__FILE__);
+    var_dump(chdir($directory));
+    create_directories();
+
+    // Optionally change directory
+    if ($change == TRUE) {
+        var_dump(chdir($directory."/test/ok"));
+    }
+}
+
+// Delete directories using a --CLEAN-- section!
+function test_open_basedir_after($function) {
+    echo "*** Finished testing open_basedir configuration [$function] ***\n";
+}
+
+// This is used by functions that return an array on success
+function test_open_basedir_array($function) {
+    test_open_basedir_before($function);
+    test_open_basedir_error($function); 
+    var_dump(is_array($function("./../.")));
+    var_dump(is_array($function("../ok")));
+    var_dump(is_array($function("ok.txt")));
+    var_dump(is_array($function("../ok/ok.txt")));
+    $directory = dirname(__FILE__);
+    var_dump(is_array($function($directory."/test/ok/ok.txt")));
+    var_dump(is_array($function($directory."/test/ok/../ok/ok.txt")));
+    test_open_basedir_after($function);
+}
+
+function test_open_basedir($function) {
+    test_open_basedir_before($function);
+    test_open_basedir_error($function);     
+    var_dump($function("./../."));
+    var_dump($function("../ok"));
+    var_dump($function("ok.txt"));
+    var_dump($function("../ok/ok.txt"));
+    $directory = dirname(__FILE__);
+    var_dump($function($directory."/test/ok/ok.txt"));
+    var_dump($function($directory."/test/ok/../ok/ok.txt"));
+    test_open_basedir_after($function);
+}
+
+?>
+

ext/standard/tests/dir/open_basedir_dir.phpt

@@ -0,0 +1,88 @@
+--TEST--
+Test open_basedir configuration
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+test_open_basedir_before("dir");
+test_open_basedir_error("dir");     
+
+$directory = dirname(__FILE__);
+var_dump(dir($directory."/test/ok/"));
+var_dump(dir($directory."/test/ok"));
+var_dump(dir($directory."/test/ok/../ok"));
+
+test_open_basedir_after("dir");?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+*** Testing open_basedir configuration [dir] ***
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: dir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(../bad): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(..): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(../): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(/): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(../bad/.): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(%s/test/bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: dir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: dir(%s/test/bad/../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+object(Directory)#1 (2) {
+  ["path"]=>
+  string(%d) "%s/test/ok/"
+  ["handle"]=>
+  resource(%d) of type (stream)
+}
+object(Directory)#1 (2) {
+  ["path"]=>
+  string(%d) "%s/test/ok"
+  ["handle"]=>
+  resource(%d) of type (stream)
+}
+object(Directory)#1 (2) {
+  ["path"]=>
+  string(%d) "%s/test/ok/../ok"
+  ["handle"]=>
+  resource(%d) of type (stream)
+}
+*** Finished testing open_basedir configuration [dir] ***
+

ext/standard/tests/dir/open_basedir_opendir.phpt

@@ -0,0 +1,73 @@
+--TEST--
+Test open_basedir configuration
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+test_open_basedir_before("opendir");
+test_open_basedir_error("opendir");     
+
+$directory = dirname(__FILE__);
+var_dump(opendir($directory."/test/ok/"));
+var_dump(opendir($directory."/test/ok"));
+var_dump(opendir($directory."/test/ok/../ok"));
+
+test_open_basedir_after("opendir");?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+*** Testing open_basedir configuration [opendir] ***
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: opendir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(../bad): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(..): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(../): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(/): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(../bad/.): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(%s/test/bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+
+Warning: opendir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: opendir(%s/test/bad/../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+bool(false)
+resource(8) of type (stream)
+resource(9) of type (stream)
+resource(10) of type (stream)
+*** Finished testing open_basedir configuration [opendir] ***
+

ext/standard/tests/dir/open_basedir_scandir.phpt

@@ -0,0 +1,110 @@
+--TEST--
+Test open_basedir configuration
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+test_open_basedir_before("scandir");
+test_open_basedir_error("scandir");     
+
+$directory = dirname(__FILE__);
+var_dump(scandir($directory."/test/ok/"));
+var_dump(scandir($directory."/test/ok"));
+var_dump(scandir($directory."/test/ok/../ok"));
+
+test_open_basedir_after("scandir");?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+*** Testing open_basedir configuration [scandir] ***
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: scandir(): open_basedir restriction in effect. File(../bad) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(../bad): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(..): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(../) is not within the allowed path(s): (.) in %s on line 80
+
+Warning: scandir(../): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(/): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(../bad/.) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(../bad/.): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(%s/test/bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(%s/test/bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+
+Warning: scandir(): open_basedir restriction in effect. File(%s/test/bad/../bad/bad.txt) is not within the allowed path(s): (.) in %s on line %d
+
+Warning: scandir(%s/test/bad/../bad/bad.txt): failed to open dir: Operation not permitted in %s on line %d
+
+Warning: scandir(): (errno 1): Operation not permitted in %s on line %d
+bool(false)
+array(3) {
+  [0]=>
+  string(1) "."
+  [1]=>
+  string(2) ".."
+  [2]=>
+  string(6) "ok.txt"
+}
+array(3) {
+  [0]=>
+  string(1) "."
+  [1]=>
+  string(2) ".."
+  [2]=>
+  string(6) "ok.txt"
+}
+array(3) {
+  [0]=>
+  string(1) "."
+  [1]=>
+  string(2) ".."
+  [2]=>
+  string(6) "ok.txt"
+}
+*** Finished testing open_basedir configuration [scandir] ***
+