authorDavid Rothstein <drothstein@gmail.com>2013-01-07 22:27:23 -0500
committerDavid Rothstein <drothstein@gmail.com>2013-01-07 22:27:23 -0500
commitaecf88993caa09349ba746d0d5a2d69c8dc2b5d2 (patch)
treed60ef4487b271647eb8c6e593fad9a28720c9e5d
parent3e5c778d4a89c8305b770c3f7cf1e81de801e094 (diff)
downloadbrdo-aecf88993caa09349ba746d0d5a2d69c8dc2b5d2.tar.gz
brdo-aecf88993caa09349ba746d0d5a2d69c8dc2b5d2.tar.bz2
Issue #1870612 by David_Rothstein, plach, greggles: Add tests for SA-CORE-2012-004 - Drupal core - Arbitrary code execution via file upload.
-rw-r--r--modules/simpletest/tests/file.test9
1 files changed, 9 insertions, 0 deletions
diff --git a/modules/simpletest/tests/file.test b/modules/simpletest/tests/file.test
index 3df31ba5f..ebaa0c034 100644
--- a/modules/simpletest/tests/file.test
+++ b/modules/simpletest/tests/file.test
@@ -2579,6 +2579,15 @@ class FileNameMungingTest extends FileTestCase {
}
/**
+ * Tests munging with a null byte in the filename.
+ */
+ function testMungeNullByte() {
+ $prefix = $this->randomName();
+ $filename = $prefix . '.' . $this->bad_extension . "\0.txt";
+ $this->assertEqual(file_munge_filename($filename, ''), $prefix . '.' . $this->bad_extension . '_.txt', 'A filename with a null byte is correctly munged to remove the null byte.');
+ }
+
+ /**
* If the allow_insecure_uploads variable evaluates to true, the file should
* come out untouched, no matter how evil the filename.
*/
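Review bot: testMungeNullByte() calls file_munge_filename() only with an empty allowed-extension list (`''`), so the upload case named in the commit title, a null byte placed in front of an extension that is on the allowed list, is not pinned by this test. A second assertion with a non-empty list would cover it: `$this->assertEqual(file_munge_filename($filename, 'txt'), $prefix . '.' . $this->bad_extension . '_.txt', 'A null byte is removed when txt is an allowed extension.');`. The expected value presumably holds as long as `$this->bad_extension`, which is set outside this hunk, is not itself in the list. The docblock could also name the advisory, for example `Regression test for SA-CORE-2012-004: a null byte must not hide an insecure extension.`, so the reason for the test stays visible to later maintainers.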