mirror of
https://github.com/PHPMailer/PHPMailer.git
synced 2024-09-20 01:52:15 +02:00
Tests/reorganize: move denial of service tests to own file
This commit is contained in:
parent
e372a5e85b
commit
6b95da3e65
@ -865,36 +865,6 @@ EOT;
|
||||
$this->Mail->smtpClose();
|
||||
}
|
||||
|
||||
/**
|
||||
* Test this denial of service attack.
|
||||
*
|
||||
* @see http://www.cybsec.com/vuln/PHPMailer-DOS.pdf
|
||||
*/
|
||||
public function testDenialOfServiceAttack()
|
||||
{
|
||||
$this->Mail->Body = 'This should no longer cause a denial of service.';
|
||||
$this->buildBody();
|
||||
|
||||
$this->Mail->Subject = substr(str_repeat('0123456789', 100), 0, 998);
|
||||
self::assertTrue($this->Mail->send(), $this->Mail->ErrorInfo);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests this denial of service attack.
|
||||
*
|
||||
* According to the ticket, this should get stuck in a loop, though I can't make it happen.
|
||||
* @see https://sourceforge.net/p/phpmailer/bugs/383/
|
||||
*
|
||||
* @doesNotPerformAssertions
|
||||
*/
|
||||
public function testDenialOfServiceAttack2()
|
||||
{
|
||||
//Encoding name longer than 68 chars
|
||||
$this->Mail->Encoding = '1234567890123456789012345678901234567890123456789012345678901234567890';
|
||||
//Call wrapText with a zero length value
|
||||
$this->Mail->wrapText(str_repeat('This should no longer cause a denial of service. ', 30), 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test error handling.
|
||||
*/
|
||||
|
53
test/Security/DenialOfServiceVectorsTest.php
Normal file
53
test/Security/DenialOfServiceVectorsTest.php
Normal file
@ -0,0 +1,53 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* PHPMailer - PHP email transport unit tests.
|
||||
* PHP version 5.5.
|
||||
*
|
||||
* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
|
||||
* @author Andy Prevost
|
||||
* @copyright 2012 - 2020 Marcus Bointon
|
||||
* @copyright 2004 - 2009 Andy Prevost
|
||||
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
|
||||
*/
|
||||
|
||||
namespace PHPMailer\Test\Security;
|
||||
|
||||
use PHPMailer\Test\SendTestCase;
|
||||
|
||||
/**
|
||||
* Test denial of service attack vectors, which have been mitigated.
|
||||
*/
|
||||
final class DenialOfServiceVectorsTest extends SendTestCase
|
||||
{
|
||||
|
||||
/**
|
||||
* Test this denial of service attack.
|
||||
*
|
||||
* @see http://www.cybsec.com/vuln/PHPMailer-DOS.pdf
|
||||
*/
|
||||
public function testDenialOfServiceAttack()
|
||||
{
|
||||
$this->Mail->Body = 'This should no longer cause a denial of service.';
|
||||
$this->buildBody();
|
||||
|
||||
$this->Mail->Subject = substr(str_repeat('0123456789', 100), 0, 998);
|
||||
self::assertTrue($this->Mail->send(), $this->Mail->ErrorInfo);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests this denial of service attack.
|
||||
*
|
||||
* According to the ticket, this should get stuck in a loop, though I can't make it happen.
|
||||
* @see https://sourceforge.net/p/phpmailer/bugs/383/
|
||||
*
|
||||
* @doesNotPerformAssertions
|
||||
*/
|
||||
public function testDenialOfServiceAttack2()
|
||||
{
|
||||
//Encoding name longer than 68 chars
|
||||
$this->Mail->Encoding = '1234567890123456789012345678901234567890123456789012345678901234567890';
|
||||
//Call wrapText with a zero length value
|
||||
$this->Mail->wrapText(str_repeat('This should no longer cause a denial of service. ', 30), 0);
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user