diff options
author | Greg Beaver <cellog@php.net> | 2008-05-11 21:15:47 +0000 |
---|---|---|
committer | Greg Beaver <cellog@php.net> | 2008-05-11 21:15:47 +0000 |
commit | 7149523766692c565fe81a12e358abe3d6fd4725 (patch) | |
tree | 9917e6ec6ab3dd83c0539eddaf79c899fedb814a /ext/phar/tests/phar_unlinkarchive.phpt | |
parent | 5d168ad5444cb73e13055e0a1b6d278146fb5b45 (diff) | |
download | php-git-7149523766692c565fe81a12e358abe3d6fd4725.tar.gz |
add safety check to prevent unlinkArchive() from being called by a file within the archive
Diffstat (limited to 'ext/phar/tests/phar_unlinkarchive.phpt')
-rw-r--r-- | ext/phar/tests/phar_unlinkarchive.phpt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/ext/phar/tests/phar_unlinkarchive.phpt b/ext/phar/tests/phar_unlinkarchive.phpt index a239d54afb..910ef873d2 100644 --- a/ext/phar/tests/phar_unlinkarchive.phpt +++ b/ext/phar/tests/phar_unlinkarchive.phpt @@ -65,6 +65,16 @@ Phar::unlinkArchive($fname); var_dump(file_exists($fname)); $phar = new Phar($fname); var_dump(count($phar)); +$phar['evil.php'] = '<?php +try { +Phar::unlinkArchive(Phar::running(false)); +} catch (Exception $e) {echo $e->getMessage(),"\n";} +var_dump(Phar::running(false)); +include Phar::running(true) . "/another.php"; +?>'; +$phar['another.php'] = "hi\n"; +unset($phar); +include $pname . '/evil.php'; ?> ===DONE=== --CLEAN-- @@ -92,4 +102,7 @@ string(60) "<?php // zip-based phar archive stub file __HALT_COMPILER();" bool(false) int(0) +phar archive "%sphar_unlinkarchive.phar" cannot be unlinked from within itself +string(%d) "%sphar_unlinkarchive.phar" +hi ===DONE=== |