TestExecCommandPing_Blacklist 测试Ping命令注入防护
(t *testing.T)
| 318 | |
| 319 | // TestExecCommandPing_Blacklist 测试Ping命令注入防护 |
| 320 | func TestExecCommandPing_Blacklist(t *testing.T) { |
| 321 | dangerousInputs := []struct { |
| 322 | name string |
| 323 | input string |
| 324 | }{ |
| 325 | {"分号注入", "192.168.1.1; rm -rf /"}, |
| 326 | {"与符号注入", "192.168.1.1 & whoami"}, |
| 327 | {"管道注入", "192.168.1.1 | cat /etc/passwd"}, |
| 328 | {"反引号注入", "192.168.1.1`whoami`"}, |
| 329 | {"美元符号", "192.168.1.1$USER"}, |
| 330 | {"反斜杠", "192.168.1.1\\nwhoami"}, |
| 331 | {"单引号", "192.168.1.1'"}, |
| 332 | {"百分号", "192.168.1.1%"}, |
| 333 | {"双引号", "192.168.1.1\""}, |
| 334 | {"换行符", "192.168.1.1\nwhoami"}, |
| 335 | } |
| 336 | |
| 337 | for _, tt := range dangerousInputs { |
| 338 | t.Run(tt.name, func(t *testing.T) { |
| 339 | result := ExecCommandPing(tt.input) |
| 340 | if result { |
| 341 | t.Errorf("ExecCommandPing(%q) = true, 应拒绝危险输入", tt.input) |
| 342 | } |
| 343 | }) |
| 344 | } |
| 345 | } |
| 346 | |
| 347 | // TestExecCommandPing_ValidInputs 测试合法IP格式 |
| 348 | func TestExecCommandPing_ValidInputs(t *testing.T) { |
nothing calls this directly
no test coverage detected