archived-php-src/ext/session/tests/bug72681.phpt at 8856b3a63c6b3eefe83aecaa9e18afb640173708 - archived-php-src - Gitea: Git with a cup of tea

php/archived-php-src

mirror of https://github.com/php/php-src.git synced 2026-04-19 22:11:12 +02:00

Files

Stanislav Malyshev 8763c6090d Fix bug #72681 - consume data even if we're not storing them

2016-08-16 22:54:42 -07:00

17 lines

322 B

PHP

Raw Blame History

 --TEST--
 Bug #72681: PHP Session Data Injection Vulnerability
 --SKIPIF--
 <?php include('skipif.inc'); ?>
 --FILE--
 <?php
 ini_set('session.serialize_handler', 'php');
 session_start();
 $_SESSION['_SESSION'] = 'ryat|O:8:"stdClass":0:{}';
 session_write_close();
 session_start();
 var_dump($_SESSION);
 ?>
 --EXPECT--
 array(0) {
 }