php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.4'

Browse Source 
* PHP-8.4:
  Fix bug71610.phpt
This commit is contained in:
Christoph M. Becker
2024-09-26 13:19:21 +02:00
parent 9ee9c0e674 d6b8ef81d7
commit 9e3b959bf9
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ext/soap/tests/bugs/bug71610.phpt
View File

@@ -4,11 +4,20 @@ SOAP Bug #71610 - Type Confusion Vulnerability - SOAP / make_http_soap_request()
soap
--SKIPIF--
<?php
if (getenv("SKIP_ONLINE_TESTS")) die("skip online test");
if (!file_exists(__DIR__ . "/../../../../sapi/cli/tests/php_cli_server.inc")) {
echo "skip sapi/cli/tests/php_cli_server.inc required but not found";
}
?>
--FILE--
<?php
$exploit = unserialize('O:10:"SoapClient":3:{s:3:"uri";s:1:"a";s:8:"location";s:19:"http://example.org/";s:8:"_cookies";a:1:{s:8:"manhluat";a:3:{i:0;s:0:"";i:1;N;i:2;N;}}}');
include __DIR__ . "/../../../../sapi/cli/tests/php_cli_server.inc";
php_cli_server_start();
$url = "http://" . PHP_CLI_SERVER_ADDRESS;
$ser = 'O:10:"SoapClient":3:{s:3:"uri";s:1:"a";s:8:"location";s:' . strlen($url) . ':"'
. $url . '";s:8:"_cookies";a:1:{s:8:"manhluat";a:3:{i:0;s:0:"";i:1;N;i:2;N;}}}';
$exploit = unserialize($ser);
try {
$exploit->blahblah();
} catch(SoapFault $e) {