golden hour
/opt/PHP-Antimalware-Scanner/tests/Unit
⬆️ Go Up
Upload
File/Folder
Size
Actions
ActionsTest.php
3.99 KB
Del
OK
CodeMatchTest.php
3.03 KB
Del
OK
DeobfuscatorTest.php
3.14 KB
Del
OK
PathTest.php
2.19 KB
Del
OK
Edit: ActionsTest.php
<?php /** * PHP Antimalware Scanner. * * @author Marco Cesarato <cesarato.developer@gmail.com> * @license http://opensource.org/licenses/gpl-3.0.html GNU Public License * * @see https://github.com/marcocesarato/PHP-Antimalware-Scanner */ namespace AMWScan\Tests\Unit; use AMWScan\Actions; use AMWScan\Scanner; use PHPUnit\Framework\TestCase; class ActionsTest extends TestCase { private $whitelistFile; protected function setUp(): void { $this->whitelistFile = tempnam(sys_get_temp_dir(), 'whitelist_') . '.json'; Scanner::$whitelist = []; Scanner::$pathWhitelist = $this->whitelistFile; Scanner::$pathScan = '/scan/'; } protected function tearDown(): void { if (file_exists($this->whitelistFile)) { unlink($this->whitelistFile); } Scanner::$whitelist = []; } public function testAddToWhitelistWritesValidJson() { $patternFound = [ [ 'key' => 'eval_exploit', 'line' => 5, 'match' => 'eval($code)', ], ]; $result = Actions::addToWhitelist('/scan/malware.php', $patternFound); $this->assertNotFalse($result, 'addToWhitelist should return bytes written on success'); $this->assertFileExists($this->whitelistFile); $contents = file_get_contents($this->whitelistFile); $decoded = json_decode($contents, true); $this->assertIsArray($decoded, 'Whitelist file should contain valid JSON'); $this->assertCount(1, $decoded); } public function testAddToWhitelistPreservesExistingEntries() { $firstPattern = [ ['key' => 'eval_exploit', 'line' => 5, 'match' => 'eval($code)'], ]; Actions::addToWhitelist('/scan/first.php', $firstPattern); $secondPattern = [ ['key' => 'base64_exploit', 'line' => 10, 'match' => 'base64_decode($data)'], ]; Actions::addToWhitelist('/scan/second.php', $secondPattern); $contents = file_get_contents($this->whitelistFile); $decoded = json_decode($contents, true); $this->assertIsArray($decoded); $this->assertCount(2, $decoded, 'Both entries should be preserved in the whitelist'); } public function testAddToWhitelistWithInvalidUtf8DoesNotTruncateFile() { // Write initial valid content to the whitelist file $initialContent = json_encode(['existing_key' => ['file' => '/clean.php', 'exploit' => 'test', 'line' => 1, 'match' => 'safe']]); file_put_contents($this->whitelistFile, $initialContent); Scanner::$whitelist = json_decode($initialContent, true); // Attempt to add an entry whose 'match' contains invalid UTF-8 binary data $patternFound = [ [ 'key' => 'binary_exploit', 'line' => 3, 'match' => "evil\x80\x81\x82code", // invalid UTF-8 bytes ], ]; Actions::addToWhitelist('/scan/malware.php', $patternFound); // The whitelist file must NOT be truncated to 0 bytes $this->assertGreaterThan(0, filesize($this->whitelistFile), 'Whitelist file must not be truncated when a match contains invalid UTF-8'); } public function testAddToWhitelistWithInvalidUtf8UsesSubstitution() { $patternFound = [ [ 'key' => 'binary_exploit', 'line' => 3, 'match' => "evil\x80\x81code", // invalid UTF-8 bytes ], ]; $result = Actions::addToWhitelist('/scan/malware.php', $patternFound); // With JSON_INVALID_UTF8_SUBSTITUTE the encoding succeeds, so bytes are written $this->assertNotFalse($result, 'addToWhitelist should succeed by substituting invalid UTF-8 characters'); $contents = file_get_contents($this->whitelistFile); $decoded = json_decode($contents, true); $this->assertIsArray($decoded, 'Result should be a valid JSON array even with substituted characters'); } }
Save