summaryrefslogtreecommitdiff
path: root/ext/session/tests/bug72681.phpt
diff options
context:
space:
mode:
Diffstat (limited to 'ext/session/tests/bug72681.phpt')
-rw-r--r--ext/session/tests/bug72681.phpt17
1 files changed, 17 insertions, 0 deletions
diff --git a/ext/session/tests/bug72681.phpt b/ext/session/tests/bug72681.phpt
new file mode 100644
index 0000000000..ceca6ecc33
--- /dev/null
+++ b/ext/session/tests/bug72681.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #72681: PHP Session Data Injection Vulnerability
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--FILE--
+<?php
+ini_set('session.serialize_handler', 'php');
+session_start();
+$GLOBALS['ryat'] = $GLOBALS;
+$_SESSION['ryat'] = 'ryat|O:8:"stdClass":0:{}';
+session_write_close();
+session_start();
+var_dump($_SESSION);
+?>
+--EXPECT--
+array(0) {
+}
View Lorry Controller Status