smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2026-05-19 23:24:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request from GHSA-29gp-2c3m-3j6m

Browse Source 
* Temporary fix. Waiting for CVE

* Add CVE
This commit is contained in:
Simon Wisselink
2022-01-10 00:01:43 +01:00
committed by GitHub
parent efb416e5ef
commit 215d81a9fa
3 changed files with 65 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/UnitTests/TemplateSource/ValueTests/Math/MathTest.php
+31
View File
@@ -107,4 +107,35 @@ class MathTest extends PHPUnit_Smarty
$tpl = $this->smarty->createTemplate('eval:{$x = "4"}{$y = "5.5"}{math equation="x * y" x=$x y=$y format="%0.2f"} -- {math equation="20.5 / 5" format="%0.2f"}');
$this->assertEquals($expected, $this->smarty->fetch($tpl));
}
/**
* @expectedException PHPUnit_Framework_Error_Warning
*/
public function testBackticksIllegal()
{
$expected = "22.00";
$tpl = $this->smarty->createTemplate('eval:{$x = "4"}{$y = "5.5"}{math equation="`ls` x * y" x=$x y=$y}');
$this->assertEquals($expected, $this->smarty->fetch($tpl));
}
/**
* @expectedException PHPUnit_Framework_Error_Warning
*/
public function testDollarSignsIllegal()
{
$expected = "22.00";
$tpl = $this->smarty->createTemplate('eval:{$x = "4"}{$y = "5.5"}{math equation="$" x=$x y=$y}');
$this->assertEquals($expected, $this->smarty->fetch($tpl));
}
/**
* @expectedException PHPUnit_Framework_Error_Warning
*/
public function testBracketsIllegal()
{
$expected = "I";
$tpl = $this->smarty->createTemplate('eval:{$x = "0"}{$y = "1"}{math equation="((y/x).(x))[x]" x=$x y=$y}');
$this->assertEquals($expected, $this->smarty->fetch($tpl));
}
}