php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-23 16:08:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
5f4e034e570176cf63aaa29d2d476ddff2d0580b
archived-php-src/ext/standard/tests/general_functions/bug69646.phpt
T
Peter Kokot b746e69887 Sync leading and final newlines in *.phpt sections 
This patch adds missing newlines, trims multiple redundant final
newlines into a single one, and trims redundant leading newlines in all
*.phpt sections.

According to POSIX, a line is a sequence of zero or more non-' <newline>'
characters plus a terminating '<newline>' character. [1] Files should
normally have at least one final newline character.

C89 [2] and later standards [3] mention a final newline:
"A source file that is not empty shall end in a new-line character,
which shall not be immediately preceded by a backslash character."

Although it is not mandatory for all files to have a final newline
fixed, a more consistent and homogeneous approach brings less of commit
differences issues and a better development experience in certain text
editors and IDEs.

[1] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_206
[2] https://port70.net/~nsz/c/c89/c89-draft.html#2.1.1.2
[3] https://port70.net/~nsz/c/c99/n1256.html#5.1.1.2
2018-10-15 04:32:30 +02:00

47 lines
824 B
PHP
Raw Blame History

--TEST--
Bug #69646 OS command injection vulnerability in escapeshellarg()
--SKIPIF--
<?php
if( substr(PHP_OS, 0, 3) != "WIN" )
die("skip.. Windows only");
?>
--FILE--
<?php
$a = 'a\\';
$b = 'b -c d\\';
var_dump( $a, escapeshellarg($a) );
var_dump( $b, escapeshellarg($b) );
$helper_script = <<<SCRIPT
<?php
print( "--- ARG INFO ---\n" );
var_dump( \$argv );
SCRIPT;
$script = dirname(__FILE__) . DIRECTORY_SEPARATOR . "arginfo.php";
file_put_contents($script, $helper_script);
$cmd = PHP_BINARY . " " . $script . " " . escapeshellarg($a) . " " . escapeshellarg($b);
system($cmd);
unlink($script);
?>
--EXPECTF--
string(2) "a\"
string(5) ""a\\""
string(7) "b -c d\"
string(10) ""b -c d\\""
--- ARG INFO ---
array(3) {
[0]=>
string(%d) "%sarginfo.php"
[1]=>
string(2) "a\"
[2]=>
string(7) "b -c d\"
}
Reference in New Issue View Git Blame Copy Permalink