def __init__(self, env: 'HttpdTestEnv'):
super().__init__(env=env)
self.add_source_dir(os.path.dirname(inspect.getfile(CoreTestSetup)))
- self.add_modules(["cgid"])
+ self.add_modules(["cgid","include"])
class CoreTestEnv(HttpdTestEnv):
--- /dev/null
+import pytest
+import textwrap
+
+from pyhttpd.conf import HttpdConf
+
+class TestSSIInjection:
+
+ @pytest.fixture(autouse=True, scope="class")
+ def _class_scope(self, env):
+ conf = HttpdConf(env, extras={
+ "base": textwrap.dedent(f"""
+ <Directory "{env.gen_dir}">
+ Options +Includes
+ AddType text/html .shtml
+ AddOutputFilter INCLUDES .shtml
+ </Directory>
+ """)
+ })
+ conf.install()
+ assert env.apache_restart() == 0
+
+ def test_ssi_004_01(self, env):
+ """
+ CVE-2025-58098:
+ Server Side Includes must not add query string to #exec cmd=...
+ """
+ url = env.mkurl("http", "htdocs", "/ssi/exec.shtml?INJECTED")
+ r = env.curl_get(url)
+
+ body = r.response["body"].decode("utf-8")
+ assert "SSI_OK" in body
+ assert "INJECTED" not in body
\ No newline at end of file
projects / thirdparty / apache / httpd.git / commitdiff
