Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5: added test for bug #69646
commit
b19790ab34
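--- a/ext/standard/tests/general_functions/bug69646.phpt
+++ b/ext/standard/tests/general_functions/bug69646.phpt
@@ -0,0 +1,47 @@
+--TEST--
+Bug #69646 OS command injection vulnerability in escapeshellarg()
+--SKIPIF--
+<?php
+if( substr(PHP_OS, 0, 3) != "WIN" )
+die("skip.. Windows only");
+?>
+--FILE--
+<?php
+
+$a = 'a\\';
+$b = 'b -c d\\';
+var_dump( $a, escapeshellarg($a) );
+var_dump( $b, escapeshellarg($b) );
+
+$helper_script = <<<SCRIPT
+<?php
+
+print( "--- ARG INFO ---\n" );
+var_dump( \$argv );
+
+SCRIPT;
+
+$script = dirname(__FILE__) . DIRECTORY_SEPARATOR . "arginfo.php";
+file_put_contents($script, $helper_script);
+
+$cmd = PHP_BINARY . " " . $script . " " . escapeshellarg($a) . " " . escapeshellarg($b);
+
+system($cmd);
+
+unlink($script);
+?>
+--EXPECTF--
+string(2) "a\"
+string(5) ""a\\""
+string(7) "b -c d\"
+string(10) ""b -c d\\""
+--- ARG INFO ---
+array(3) {
+[0]=>
+string(%d) "%sarginfo.php"
+[1]=>
+string(2) "a\"
+[2]=>
+string(7) "b -c d\"
+}
+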
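Review bot: The --FILE-- section only exercises a single trailing backslash (`$a = 'a\\';` and `$b = 'b -c d\\';`), so this regression test would still pass if escapeshellarg() mishandled an even run of trailing backslashes; adding a third input such as `$c = 'c\\\\';` with its expected `$argv` round-trip would pin that case down. Separately, `$cmd` concatenates `PHP_BINARY` and `$script` unquoted, so the test presumably fails rather than skips when either path contains a space; `escapeshellarg(PHP_BINARY) . " " . escapeshellarg($script)` looks safer, though it should be confirmed to round-trip under cmd.exe. A `--CLEAN--` section that unlinks arginfo.php would also keep the helper script from being left in the test directory if the run is interrupted before `unlink($script)`.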