mirror of
https://github.com/php/php-src.git
synced 2024-09-22 10:27:25 +00:00
26 lines
486 B
PHP
26 lines
486 B
PHP
--TEST--
|
|
Bug #68710 Use after free vulnerability in unserialize() (bypassing the
|
|
CVE-2014-8142 fix)
|
|
--FILE--
|
|
<?php
|
|
for ($i=4; $i<100; $i++) {
|
|
$m = new StdClass();
|
|
|
|
$u = array(1);
|
|
|
|
$m->aaa = array(1,2,&$u,4,5);
|
|
$m->bbb = 1;
|
|
$m->ccc = &$u;
|
|
$m->ddd = str_repeat("A", $i);
|
|
|
|
$z = serialize($m);
|
|
$z = str_replace("aaa", "123", $z);
|
|
$z = str_replace("bbb", "123", $z);
|
|
$y = unserialize($z);
|
|
$z = serialize($y);
|
|
}
|
|
?>
|
|
===DONE===
|
|
--EXPECT--
|
|
===DONE===
|