Annotation of embedaddon/php/ext/libxml/tests/bug61367-write.phpt, revision 1.1
1.1 ! misho 1: --TEST--
! 2: Bug #61367: open_basedir bypass in libxml RSHUTDOWN: write test
! 3: --SKIPIF--
! 4: <?php if(!extension_loaded('dom')) echo 'skip'; ?>
! 5: --INI--
! 6: open_basedir=.
! 7: ; Suppress spurious "Trying to get property of non-object" notices
! 8: error_reporting=E_ALL & ~E_NOTICE
! 9: --FILE--
! 10: <?php
! 11:
! 12: class StreamExploiter {
! 13: public function stream_close ( ) {
! 14: $doc = new DOMDocument;
! 15: $doc->appendChild($doc->createTextNode('hello'));
! 16: var_dump($doc->save(dirname(getcwd()) . '/bad'));
! 17: }
! 18:
! 19: public function stream_open ( $path , $mode , $options , &$opened_path ) {
! 20: return true;
! 21: }
! 22: }
! 23:
! 24: var_dump(mkdir('test_bug_61367'));
! 25: var_dump(mkdir('test_bug_61367/base'));
! 26: var_dump(file_put_contents('test_bug_61367/bad', 'blah'));
! 27: var_dump(chdir('test_bug_61367/base'));
! 28:
! 29: stream_wrapper_register( 'exploit', 'StreamExploiter' );
! 30: $s = fopen( 'exploit://', 'r' );
! 31:
! 32: ?>
! 33: --CLEAN--
! 34: <?php
! 35: @unlink('test_bug_61367/bad');
! 36: rmdir('test_bug_61367/base');
! 37: rmdir('test_bug_61367');
! 38: ?>
! 39: --EXPECTF--
! 40: bool(true)
! 41: bool(true)
! 42: int(4)
! 43: bool(true)
! 44:
! 45: Warning: DOMDocument::save(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line %d
! 46:
! 47: Warning: DOMDocument::save(%s): failed to open stream: Operation not permitted in %s on line %d
! 48: bool(false)
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>