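/**
 *
 * Test cases for null-byte injections in Java.
 * Status of test cases:
 *
 * - Windows XP
 *   + WORKS: File(), Runtime.getRuntime().exec()
 *   + FAILS: String.equals(), environ.put()
 *
 * @author Arshan Dabirsiaghi
 *
 */
import java.io.File;
import java.io.IOException;
import java.util.Map;

/**
 * Probes which Java APIs silently truncate a string at an embedded NUL (U+0000) character.
 *
 * <p>Why this matters to a defender: a Java {@code String} may legally contain U+0000, whereas
 * native OS interfaces generally treat that character as the end of the string. If an
 * application validates a value in Java (for example, checks a file extension) and then hands it
 * to an API that truncates at NUL, the validated value and the value actually used differ.
 *
 * <p>Reading the output: each probe prints {@code true} when the API under test ignored
 * everything after the NUL (the injection "works") and {@code false} when it did not.
 *
 * <p>Caveats:
 * <ul>
 *   <li>The status table in the file header was recorded on Windows XP. Later JDK releases added
 *       NUL checks to {@code java.io.File} and {@code ProcessBuilder}, so results on a current
 *       JVM are expected to differ; re-run on the JVM you actually deploy rather than relying on
 *       the table.</li>
 *   <li>The process probes use Windows commands ({@code ping -n}, {@code cmd.exe}) and will throw
 *       {@link IOException} or report {@code false} elsewhere.</li>
 *   <li>Mitigation regardless of JVM behaviour: reject any untrusted input containing U+0000
 *       before it reaches file, process or environment APIs.</li>
 * </ul>
 */
public class Test {

    /** A one-character string holding U+0000, used as the injected terminator. */
    public static final String NULL = String.valueOf((char) 0);

    /**
     * Runs every probe in sequence and prints one result line per probe.
     *
     * @param args ignored
     * @throws Throwable if any probe fails to run (for example, a command is not available)
     */
    public static void main(String[] args) throws Throwable {
        testStringCompare();
        testFileOpen();
        testRuntimeExec();
        testEnvVariable();
    }

    /**
     * Checks whether {@link String#equals(Object)} treats a string with a trailing or embedded
     * NUL as equal to the clean string. Pure Java comparison, no native call involved.
     */
    public static void testStringCompare() {
        String clean = "test";
        String trailingNul = "test" + NULL;
        String embeddedNul = "te" + NULL + "st";

        boolean truncated = clean.equals(trailingNul) || clean.equals(embeddedNul);
        System.out.println("[WORKS WITH STRING COMPARE] " + truncated);
    }

    /**
     * Checks whether {@link File} resolves a path of the form {@code <existing file>NUL.BOGUS} to
     * the existing file, i.e. whether the suffix after the NUL is dropped.
     *
     * <p>A {@code true} result means an extension check performed on the Java string would not
     * describe the file that is really opened.
     *
     * @throws IOException declared by the original signature; nothing in this body throws it
     */
    public static void testFileOpen() throws IOException {
        // replace with a file that exists on your system
        String path = "C:/infile.html";
        path = path + NULL + ".BOGUS";

        File file = new File(path);
        System.out.println("[WORKS WITH FILE] " + file.exists());
    }

    /**
     * Checks whether {@link Runtime#exec(String)} drops the part of a command line that follows
     * an embedded NUL.
     *
     * <p>The command is a fixed literal, not external input; {@code Runtime.exec(String)} is used
     * on purpose because it is the API being probed.
     *
     * @throws IOException if the command cannot be started
     */
    public static void testRuntimeExec() throws IOException {
        // adjacent localhost and 127.0.0.1 will cause failure, so exit code 0 implies the
        // second target (after the NUL) never reached ping
        String command = "ping -n 1 localhost " + NULL + " 127.0.0.1";
        Process p = Runtime.getRuntime().exec(command);

        boolean exitedCleanly = false;
        try {
            exitedCleanly = p.waitFor() == 0;
        } catch (InterruptedException ie) {
            // Restore the interrupt flag and stop the child instead of querying the exit value
            // of a process that may still be running.
            Thread.currentThread().interrupt();
            p.destroy();
        }
        System.out.println("[WORKS WITH RUNTIME] " + exitedCleanly);
    }

    /**
     * Checks whether a value containing NUL can be stored in a child process environment through
     * {@link ProcessBuilder#environment()}.
     *
     * <p>NOTE(review): the result only compares the value read back from the Java-side map; it
     * does not inspect what the child process actually receives.
     *
     * @throws IOException if {@code cmd.exe} cannot be started
     */
    public static void testEnvVariable() throws IOException {
        // "os.name" is a JVM system property, not an environment variable, so it is read with
        // getProperty; getenv("os.name") would normally yield null.
        String os = System.getProperty("os.name") + NULL;
        ProcessBuilder pb = new ProcessBuilder("cmd.exe");
        Map<String, String> env = pb.environment();

        boolean worksWithEnvironmentVariables = false;
        try {
            env.put("os.name", os);
            Process p = pb.start();
            try {
                worksWithEnvironmentVariables = os.equals(env.get("os.name"));
            } finally {
                p.destroy();
            }
        } catch (IllegalArgumentException iae) {
            // Deliberately ignored: the environment map refusing the NUL-bearing value is the
            // "FAILS" outcome recorded in the file header, reported below as false.
        }
        System.out.println("[WORKS WITH ENV VARIABLES] " + worksWithEnvironmentVariables);
    }
}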