| Server IP : 79.136.114.73 / Your IP : 18.190.154.145 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/self/root/home/b8009/php-5.6.22/ext/standard/tests/general_functions/ |
Upload File : |
--TEST--
Bug #69646 OS command injection vulnerability in escapeshellarg()
--SKIPIF--
<?php
if( substr(PHP_OS, 0, 3) != "WIN" )
die("skip.. Windows only");
?>
--FILE--
<?php
$a = 'a\\';
$b = 'b -c d\\';
var_dump( $a, escapeshellarg($a) );
var_dump( $b, escapeshellarg($b) );
$helper_script = <<<SCRIPT
<?php
print( "--- ARG INFO ---\n" );
var_dump( \$argv );
SCRIPT;
$script = dirname(__FILE__) . DIRECTORY_SEPARATOR . "arginfo.php";
file_put_contents($script, $helper_script);
$cmd = PHP_BINARY . " " . $script . " " . escapeshellarg($a) . " " . escapeshellarg($b);
system($cmd);
unlink($script);
?>
--EXPECTF--
string(2) "a\"
string(5) ""a\\""
string(7) "b -c d\"
string(10) ""b -c d\\""
--- ARG INFO ---
array(3) {
[0]=>
string(%d) "%sarginfo.php"
[1]=>
string(2) "a\"
[2]=>
string(7) "b -c d\"
}