ext/session/tests/bug72681.phpt


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

--TEST--
Bug #72681: PHP Session Data Injection Vulnerability
--SKIPIF--
<?php include('skipif.inc'); ?>
--FILE--
<?php
ini_set('session.serialize_handler', 'php');
session_start();
$GLOBALS['ryat'] = $GLOBALS;
$_SESSION['ryat'] = 'ryat|O:8:"stdClass":0:{}';
session_write_close();
session_start();
var_dump($_SESSION);
?>
--EXPECT--
array(0) {
}