blob: 955af38131f09fad072e805c177b4cf87b90b42d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
--TEST--
Bug #72142: WDDX Packet Injection Vulnerability in wddx_serialize_value()
--SKIPIF--
<?php if (!extension_loaded("wddx")) print "skip"; ?>
--FILE--
<?php
$wddx = wddx_serialize_value('', '</comment></header><data><struct><var name="php_class_name"><string>stdClass</string></var></struct></data></wddxPacket>');
var_dump($wddx);
var_dump(wddx_deserialize($wddx));
?>
--EXPECTF--
Deprecated: Function wddx_serialize_value() is deprecated in %s on line %d
string(301) "<wddxPacket version='1.0'><header><comment></comment></header><data><struct><var name="php_class_name"><string>stdClass</string></var></struct></data></wddxPacket></comment></header><data><string></string></data></wddxPacket>"
Deprecated: Function wddx_deserialize() is deprecated in %s on line %d
string(0) ""
|