This test puts a fake cmd.exe in the CWD and removes it only after the test has finished. We need to prevent other tests from running while that fake cmd.exe is there, because they may use it instead of the proper cmd.exe. We also unlink the fake cmd.exe as soon as possible, regardless of the test result. Fixes GH-17098. Closes GH-17090.
--TEST--
Harden against cmd.exe hijacking
--CONFLICTS--
all
--SKIPIF--
<?php
// cmd.exe hijacking is a Windows-only concern, so every other platform skips.
if (PHP_OS_FAMILY !== "Windows") {
    die("skip only for Windows");
}
?>
--FILE--
<?php
// Regression test for cmd.exe hijacking: a stand-in cmd.exe is placed in the
// current working directory and a shell command is started via proc_open().
// The expected output is the echoed "hello", i.e. the command must have been
// handled by the real command processor and not by the file planted here.
// (What bad_cmd.exe itself does is not visible in this file.)
//
// --CONFLICTS-- all keeps every other test from running concurrently, since
// any of them could pick up the planted cmd.exe while it exists.
copy(__DIR__ . "/../helpers/bad_cmd.exe", "cmd.exe");

// stdin, stdout and stderr of the child are all pipes.
$spec = [
    ["pipe", "r"],
    ["pipe", "w"],
    ["pipe", "w"],
];

// A string command (not an argv array) and no explicit working directory.
$proc = proc_open("@echo hello", $spec, $pipes, null);
var_dump($proc);

// Wait on the child's stdout and stderr.
$readable = [$pipes[1], $pipes[2]];
$write = null;
$except = null;

// NOTE(review): the fourth argument of stream_select() is in seconds, so this
// waits up to 1000 s. With --CONFLICTS-- all, a stalled child would hold up
// the other tests for that long while the planted cmd.exe is still in place;
// confirm the value is intended.
$ready = stream_select($readable, $write, $except, 1000);
if ($ready === false) {
    echo "stream_select() failed\n";
} elseif ($ready > 0) {
    // stream_select() leaves only the ready streams in the array.
    foreach ($readable as $pipe) {
        fpassthru($pipe);
    }
}

// Remove the planted file right away; "@" hides the warning if that fails.
@unlink("cmd.exe");
?>
--EXPECTF--
resource(%d) of type (process)
hello
--CLEAN--
<?php
// Second removal attempt, in case the script above never reached its own
// unlink() or that call failed.
@unlink("cmd.exe");
?>