From aecf88993caa09349ba746d0d5a2d69c8dc2b5d2 Mon Sep 17 00:00:00 2001
From: David Rothstein
Date: Mon, 7 Jan 2013 22:27:23 -0500
Subject: Issue #1870612 by David_Rothstein, plach, greggles: Add tests for SA-CORE-2012-004 - Drupal core - Arbitrary code execution via file upload.
---
 modules/simpletest/tests/file.test | 9 +++++++++
 1 file changed, 9 insertions(+)
(limited to 'modules/simpletest/tests')
diff --git a/modules/simpletest/tests/file.test b/modules/simpletest/tests/file.test
index 3df31ba5f..ebaa0c034 100644
--- a/modules/simpletest/tests/file.test
+++ b/modules/simpletest/tests/file.test
@@ -2578,6 +2578,15 @@ class FileNameMungingTest extends FileTestCase {
 $this->assertNotEqual($munged_name, $this->name, t('The new filename (%munged) has been modified from the original (%original)', array('%munged' => $munged_name, '%original' => $this->name)));
 }
 
+ /**
+ * Tests munging with a null byte in the filename.
+ */
+ function testMungeNullByte() {
+ $prefix = $this->randomName();
+ $filename = $prefix . '.' . $this->bad_extension . "\0.txt";
+ $this->assertEqual(file_munge_filename($filename, ''), $prefix . '.' . $this->bad_extension . '_.txt', 'A filename with a null byte is correctly munged to remove the null byte.');
+ }
+
 /**
 * If the allow_insecure_uploads variable evaluates to true, the file should
 * come out untouched, no matter how evil the filename.
--
cgit v1.2.3
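Review bot: `testMungeNullByte()` pins only one input shape, a null byte sitting between the blocked extension and a trailing `.txt`, and it shows the byte is gone only indirectly, through equality with the expected string. Storing the result in a local and adding a direct check such as `$this->assertIdentical(strpos($munged, "\0"), FALSE, 'The munged filename contains no null byte.');` would state the security property itself, and a second case with the byte in a different position would keep the regression test from depending on this single layout. The expected value also assumes `allow_insecure_uploads` is unset when the test runs. The neighbouring test described in the context docblock concerns that variable, and the class header and its `setUp()` are outside this hunk, so that isolation is worth confirming. The new assertion message is a bare string while the context assertion above wraps its message in `t()`, so one convention should be chosen for the file.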