apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-24 20:28:06 +02:00
Code Issues Projects Releases Packages Wiki Activity

[pitboss/grind] deferred session-0016 (20260516T052512Z-20f8)

Browse source
This commit is contained in:
pitboss 2026-05-16 09:25:31 -05:00
parent f701b43152
commit 608929194d
5 changed files with 287 additions and 108 deletions
Download patch file Download diff file Expand all files Collapse all files

81
tests/php_fixtures.rs
View file

@ -455,20 +455,12 @@ mod php_fixture_tests {
#[cfg(feature = "dynamic")]
mod phase15_shape_tests {
use crate::common::fixture_harness::run_shape_fixture_lang;
use crate::common::fixture_harness::{run_shape_fixture_lang_or_skip, Prerequisite};
use nyx_scanner::dynamic::spec::PayloadSlot;
use nyx_scanner::evidence::{EntryKind, VerifyResult, VerifyStatus};
use nyx_scanner::labels::Cap;
use nyx_scanner::symbol::Lang;
fn php_available() -> bool {
std::process::Command::new("php")
.arg("--version")
.output()
.map(|o| o.status.success())
.unwrap_or(false)
}
fn assert_confirmed(shape: &str, result: &VerifyResult) {
assert_eq!(
result.status,
@ -504,8 +496,15 @@ mod phase15_shape_tests {
sink_line: u32,
kind: EntryKind,
slot: PayloadSlot,
) -> VerifyResult {
run_shape_fixture_lang(
) -> Option<VerifyResult> {
// Phase 29 (Track I): replace the bespoke `php_available()` +
// per-test `eprintln!("SKIP ..."); return;` blocks with the
// structured `Prerequisite::CommandAvailable("php")` gate. The
// helper emits the same SKIP line and returns `None` so each
// test can short-circuit via `let Some(r) = run(...) else {
// return; };`.
run_shape_fixture_lang_or_skip(
&[Prerequisite::CommandAvailable("php")],
Lang::Php, "php", shape, file, func, cap, sink_line, kind, slot,
)
}
@ -514,27 +513,23 @@ mod phase15_shape_tests {
#[test]
fn route_closure_vuln_is_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"route_closure", "vuln.php", "run", Cap::CODE_EXEC, 10,
EntryKind::HttpRoute, PayloadSlot::Param(0),
);
) else {
return;
};
assert_confirmed("route_closure", &r);
}
#[test]
fn route_closure_benign_not_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"route_closure", "benign.php", "run", Cap::CODE_EXEC, 11,
EntryKind::HttpRoute, PayloadSlot::Param(0),
);
) else {
return;
};
assert_not_confirmed("route_closure", &r);
}
@ -542,27 +537,23 @@ mod phase15_shape_tests {
#[test]
fn cli_script_vuln_is_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"cli_script", "vuln.php", "main", Cap::CODE_EXEC, 8,
EntryKind::CliSubcommand, PayloadSlot::Argv(0),
);
) else {
return;
};
assert_confirmed("cli_script", &r);
}
#[test]
fn cli_script_benign_not_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"cli_script", "benign.php", "main", Cap::CODE_EXEC, 11,
EntryKind::CliSubcommand, PayloadSlot::Argv(0),
);
) else {
return;
};
assert_not_confirmed("cli_script", &r);
}
@ -570,27 +561,23 @@ mod phase15_shape_tests {
#[test]
fn top_level_script_vuln_is_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"top_level_script", "vuln.php", "", Cap::CODE_EXEC, 8,
EntryKind::Function, PayloadSlot::EnvVar("NYX_PAYLOAD".into()),
);
) else {
return;
};
assert_confirmed("top_level_script", &r);
}
#[test]
fn top_level_script_benign_not_confirmed() {
if !php_available() {
eprintln!("SKIP: php not available");
return;
}
let r = run(
let Some(r) = run(
"top_level_script", "benign.php", "", Cap::CODE_EXEC, 10,
EntryKind::Function, PayloadSlot::EnvVar("NYX_PAYLOAD".into()),
);
) else {
return;
};
assert_not_confirmed("top_level_script", &r);
}
}