source: src/router/php7/ext/fileinfo/tests/cve-2014-1943-mb.phpt @ 31874

Last change on this file since 31874 was 31874, checked in by brainslayer, 6 weeks ago

update php

File size: 949 bytes
Line 
1--TEST--
2Bug #66731: file: infinite recursion
3--SKIPIF--
4<?php
5if (!class_exists('finfo'))
6        die('skip no fileinfo extension');
7--FILE--
8<?php
9$fd = __DIR__.'/cve-2014-1943私はガラスを食べられたす.data';
10$fm = __DIR__.'/cve-2014-1943私はガラスを食べられたす.magic';
11
12$a = "\105\122\000\000\000\000\000";
13$b = str_repeat("\001", 250000);
14$m =  "0           byte        x\n".
15      ">(1.b)      indirect    x\n";
16
17file_put_contents($fd, $a);
18$fi = finfo_open(FILEINFO_NONE);
19var_dump(finfo_file($fi, $fd));
20finfo_close($fi);
21
22file_put_contents($fd, $b);
23file_put_contents($fm, $m);
24$fi = finfo_open(FILEINFO_NONE, $fm);
25var_dump(finfo_file($fi, $fd));
26finfo_close($fi);
27?>
28Done
29--CLEAN--
30<?php
31@unlink(__DIR__.'/cve-2014-1943.data');
32@unlink(__DIR__.'/cve-2014-1943.magic');
33?>
34--EXPECTF--
35string(%d) "%s"
36
37Warning: finfo_file(): Failed identify data 0:indirect recursion nesting (%d) exceeded in %s on line %d
38bool(false)
39Done
Note: See TracBrowser for help on using the repository browser.