Add pathological test for deeply-nested blocks

thephpleague · Dec 7, 2024 · d777db8 · d777db8
1 parent 92dbad9
commit d777db8
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 4 deletions.
diff --git a/tests/pathological/convert.php b/tests/pathological/convert.php
@@ -35,12 +35,16 @@
     exit(1);
 }
 
-$environment = new Environment();
+$config = [];
+if (isset($argv[1])) {
+    $config = \json_decode($argv[1], true);
+}
+
+$environment = new Environment($config);
 $environment->addExtension(new CommonMarkCoreExtension());
 
 // Enable additional extensions if requested
-$extension = $argv[1] ?? null;
-switch ($argv[1] ?? null) {
+switch ($argv[2] ?? null) {
     case 'table':
         $environment->addExtension(new TableExtension());
         break;

diff --git a/tests/pathological/test.php b/tests/pathological/test.php
@@ -221,6 +221,22 @@
         'input' => static fn($n) => \str_repeat(">", $n) . \str_repeat(".", $n) . "\n",
         'expected' => static fn($n) => \str_repeat("<blockquote>\n", $n) . '<p>' . \str_repeat('.', $n) . "</p>\n" . \str_repeat("</blockquote>\n", $n),
     ],
+    'CVE-2023-24824 test 1' => [
+        'ref' => 'https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh',
+        'sizes' => [1_000, 10_000, 100_000],
+        'input' => static fn($n) => \str_repeat(">", $n) . \str_repeat("a*", $n) . "\n",
+        'configuration' => [
+            'max_nesting_level' => 1_000,
+        ],
+    ],
+    'CVE-2023-24824 test 2' => [
+        'ref' => 'https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh',
+        'sizes' => [500, 5_000, 50_000],
+        'input' => static fn($n) => \str_repeat(" -", $n) . 'x' . \str_repeat("\n", $n),
+        'configuration' => [
+            'max_nesting_level' => 500,
+        ],
+    ],
     'CVE-2023-26485 test 1' => [
         'ref' => 'https://github.com/github/cmark-gfm/security/advisories/GHSA-r8vr-c48j-fcc5',
         'sizes' => [50, 500, 5_000], // ideally should be 1000, 10_000, 100_000 but recursive rendering makes large sizes fail
@@ -294,7 +310,7 @@
         if (isset($_ENV['CI']) || isset($_SERVER['CI'])) {
             $command = ['php', 'convert.php'];
         } else {
-            $command = ['php', '-n', 'convert.php'];
+            $command = ['php', '-n', 'convert.php', \json_encode($case['configuration'] ?? [])];
         }
 
         if (isset($case['extension'])) {