mirror of
https://github.com/php/php-src.git
synced 2026-04-26 01:18:19 +02:00
Christoph M. Becker
37d0c7b0e4
These tests actually check that no file with a name containing a NUL is created by the GD image output functions. This is superfluous, since it is sufficient to check that the function failed, and that an appropriate warning has been raised. We also add missing nullbyte injection tests.
15 lines
354 B
PHP
15 lines
354 B
PHP
--TEST--
|
|
Testing null byte injection in imagegd2
|
|
--SKIPIF--
|
|
<?php
|
|
if(!extension_loaded('gd')){ die('skip gd extension not available'); }
|
|
?>
|
|
--FILE--
|
|
<?php
|
|
$image = imagecreate(1,1);// 1px image
|
|
var_dump(imagegd2($image, "./foo\0bar"));
|
|
?>
|
|
--EXPECTF--
|
|
Warning: imagegd2() expects parameter 2 to be a valid path, string given in %s on line %d
|
|
NULL
|