|
| 1 | +--TEST-- |
| 2 | +GH-16998 (UBSAN warning in rfc1867) |
| 3 | +--SKIPIF-- |
| 4 | +<?php |
| 5 | +if (!getenv('TEST_PHP_CGI_EXECUTABLE')) { |
| 6 | + die("skip php-cgi not available"); |
| 7 | +} |
| 8 | +?> |
| 9 | +--FILE-- |
| 10 | +<?php |
| 11 | +const FILLUNIT = 5 * 1024; |
| 12 | +$cmd = [ |
| 13 | + getenv('TEST_PHP_CGI_EXECUTABLE'), |
| 14 | + '-C', |
| 15 | + '-n', |
| 16 | + __DIR__ . '/GHSA-9pqp-7h25-4f32.inc', |
| 17 | +]; |
| 18 | +$boundary = str_repeat('A', FILLUNIT); |
| 19 | +$body = "" |
| 20 | + . "--$boundary\r\n" |
| 21 | + . "Content-Disposition: form-data; name=\"koko\"\r\n" |
| 22 | + . "\r\n" |
| 23 | + . "BBB\r\n--" . substr($boundary, 0, -1) . "CCC\r\n" |
| 24 | + . "--$boundary--\r\n" |
| 25 | + ; |
| 26 | +$env = array_merge($_ENV, [ |
| 27 | + 'REDIRECT_STATUS' => '1', |
| 28 | + 'CONTENT_TYPE' => "multipart/form-data; boundary=", |
| 29 | + 'CONTENT_LENGTH' => strlen($body), |
| 30 | + 'REQUEST_METHOD' => 'POST', |
| 31 | + 'SCRIPT_FILENAME' => __DIR__ . '/GHSA-9pqp-7h25-4f32.inc', |
| 32 | +]); |
| 33 | +$spec = [ |
| 34 | + 0 => ['pipe', 'r'], |
| 35 | + 1 => STDOUT, |
| 36 | + 2 => STDOUT, |
| 37 | +]; |
| 38 | +$pipes = []; |
| 39 | +$handle = proc_open($cmd, $spec, $pipes, getcwd(), $env); |
| 40 | +fwrite($pipes[0], $body); |
| 41 | +proc_close($handle); |
| 42 | +?> |
| 43 | +--EXPECTF-- |
| 44 | +X-Powered-By: PHP/%s |
| 45 | +Content-type: text/html; charset=UTF-8 |
| 46 | + |
| 47 | +Hello world |
| 48 | +array(0) { |
| 49 | +} |
0 commit comments