pdftract/crates/pdftract-core/tests
jedarden a3d9ce19e6 test(pdftract-43jxa): implement TH-07 ps leak security test
Implement TH-07 security test validating that PDF password ingress
channels properly prevent password disclosure via process arg list.

Test cases:
- --password VALUE rejected with exit 64 without opt-in
- --password VALUE with PDFTRACT_INSECURE_CLI_PASSWORD=1 proceeds with warning
- --password-stdin works correctly
- PDFTRACT_PASSWORD env var works correctly
- Password leaks in /proc/<pid>/cmdline under opt-in (proving the vulnerability)
- Password does NOT leak with --password-stdin or env var

Closes: pdftract-43jxa
2026-05-25 00:45:57 -04:00
..
conformance.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
memory_guard.rs feat(bf-2ervu): implement mmap-backed PdfSource via memmap2 2026-05-24 08:40:11 -04:00
memory_guard_tests.rs feat(bf-2ervu): implement mmap-backed PdfSource via memmap2 2026-05-24 08:40:11 -04:00
ocr_integration.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
page_classification.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
struct_tree_coverage.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
test_xref_debug.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
TH-03-mcp-no-auth.rs test(pdftract-5m3hp): implement TH-03 MCP no-auth bind security tests 2026-05-24 18:43:52 -04:00
TH-07-ps-leak.rs test(pdftract-43jxa): implement TH-07 ps leak security test 2026-05-25 00:45:57 -04:00
th_05_ssrf_block.rs feat(pdftract-3s2i): implement Phase 5.5.2 validation filter 2026-05-24 04:57:17 -04:00
xref_helpers.rs feat(bf-2ervu): implement mmap-backed PdfSource via memmap2 2026-05-24 08:40:11 -04:00
xref_integration_test.rs feat(bf-2ervu): implement mmap-backed PdfSource via memmap2 2026-05-24 08:40:11 -04:00