MTimeProtectedFileStorageTest.php 4.11 KB
Newer Older
1 2 3 4
<?php

/**
 * @file
5
 * Definition of Drupal\Tests\Component\PhpStorage\MTimeProtectedFileStorageTest.
6 7
 */

8
namespace Drupal\Tests\Component\PhpStorage;
9

10
use Drupal\Component\PhpStorage\PhpStorageFactory;
11
use Drupal\Component\Utility\Settings;
12

13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
/**
 * Tests the directory mtime based PHP loader implementation.
 */
class MTimeProtectedFileStorageTest extends PhpStorageTestBase {

  /**
   * The expected test results for the security test.
   *
   * The default implementation protects against even the filemtime change so
   * both iterations will return FALSE.
   */
  protected $expected = array(FALSE, FALSE);

  protected $storageClass = 'Drupal\Component\PhpStorage\MTimeProtectedFileStorage';

  public static function getInfo() {
    return array(
      'name' => 'MTime protected file storage',
      'description' => 'Tests the MTimeProtectedFileStorage implementation.',
      'group' => 'PHP Storage',
    );
  }

  function setUp() {
    parent::setUp();
    $this->secret = $this->randomName();
39
    $settings['php_storage']['simpletest'] = array(
40
      'class' => $this->storageClass,
41
      'directory' => sys_get_temp_dir() . '/php',
42 43
      'secret' => $this->secret,
    );
44
    new Settings($settings);
45 46 47 48 49 50
  }

  /**
   * Tests basic load/save/delete operations.
   */
  function testCRUD() {
51
    $php = $this->storageFactory->get('simpletest');
52
    $this->assertSame(get_class($php), $this->storageClass);
53 54 55 56 57 58 59 60
    $this->assertCRUD($php);
  }

  /**
   * Tests the security of the MTimeProtectedFileStorage implementation.
   *
   * We test two attacks: first changes the file mtime, then the directory
   * mtime too.
61 62 63
   *
   * We need to delay over 1 second for mtime test.
   * @medium
64 65
   */
  function testSecurity() {
66
    $php = $this->storageFactory->get('simpletest');
67 68
    $name = 'simpletest.php';
    $php->save($name, '<?php');
69
    $expected_root_directory = sys_get_temp_dir() . '/php/simpletest';
70 71 72 73 74 75 76 77
    $expected_directory = $expected_root_directory . '/' . $name;
    $directory_mtime = filemtime($expected_directory);
    $expected_filename = $expected_directory . '/' . hash_hmac('sha256', $name, $this->secret . $directory_mtime) . '.php';

    // Ensure the file exists and that it and the containing directory have
    // minimal permissions. fileperms() can return high bits unrelated to
    // permissions, so mask with 0777.
    $this->assertTrue(file_exists($expected_filename));
78 79
    $this->assertSame(fileperms($expected_filename) & 0777, 0444);
    $this->assertSame(fileperms($expected_directory) & 0777, 0777);
80 81 82

    // Ensure the root directory for the bin has a .htaccess file denying web
    // access.
83
    $this->assertSame(file_get_contents($expected_root_directory . '/.htaccess'), call_user_func(array($this->storageClass, 'htaccessLines')));
84 85 86 87 88 89 90

    // Ensure that if the file is replaced with an untrusted one (due to another
    // script's file upload vulnerability), it does not get loaded. Since mtime
    // granularity is 1 second, we cannot prevent an attack that happens within
    // a second of the initial save().
    sleep(1);
    for ($i = 0; $i < 2; $i++) {
91
      $php = $this->storageFactory->get('simpletest');
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
      $GLOBALS['hacked'] = FALSE;
      $untrusted_code = "<?php\n" . '$GLOBALS["hacked"] = TRUE;';
      chmod($expected_directory, 0700);
      chmod($expected_filename, 0700);
      if ($i) {
        // Now try to write the file in such a way that the directory mtime
        // changes and invalidates the hash.
        file_put_contents($expected_filename . '.tmp', $untrusted_code);
        rename($expected_filename . '.tmp', $expected_filename);
      }
      else {
        // On the first try do not change the directory mtime but the filemtime
        // is now larger than the directory mtime.
        file_put_contents($expected_filename, $untrusted_code);
      }
      chmod($expected_filename, 0400);
      chmod($expected_directory, 0100);
109 110 111 112
      $this->assertSame(file_get_contents($expected_filename), $untrusted_code);
      $this->assertSame($php->exists($name), $this->expected[$i]);
      $this->assertSame($php->load($name), $this->expected[$i]);
      $this->assertSame($GLOBALS['hacked'], $this->expected[$i]);
113 114 115
    }
  }
}