diff options
| author | Julien Pauli <jpauli@php.net> | 2015-12-22 14:28:19 +0100 |
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2016-01-04 17:31:34 +0100 |
| commit | ef4449a8e822ff6bfee96dbe48a64f6b43dcf040 (patch) | |
| tree | 49cc152298e545edbefed4a198478808d929fa35 /ext/xmlrpc/tests | |
| parent | bc4baf608b69b1f6ba05aa136900c4467343592b (diff) | |
| download | php-git-ef4449a8e822ff6bfee96dbe48a64f6b43dcf040.tar.gz | |
Fixed #70728
Conflicts:
ext/xmlrpc/xmlrpc-epi-php.c
Diffstat (limited to 'ext/xmlrpc/tests')
| -rw-r--r-- | ext/xmlrpc/tests/bug70728.phpt | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/ext/xmlrpc/tests/bug70728.phpt b/ext/xmlrpc/tests/bug70728.phpt new file mode 100644 index 0000000000..5510c33936 --- /dev/null +++ b/ext/xmlrpc/tests/bug70728.phpt @@ -0,0 +1,30 @@ +--TEST-- +Bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker) +--SKIPIF-- +<?php +if (!extension_loaded("xmlrpc")) print "skip"; +?> +--FILE-- +<?php +$obj = new stdClass; +$obj->xmlrpc_type = 'base64'; +$obj->scalar = 0x1122334455; +var_dump(xmlrpc_encode($obj)); +var_dump($obj); +?> +--EXPECTF-- +string(135) "<?xml version="1.0" encoding="utf-8"?> +<params> +<param> + <value> + <base64>NzM1ODgyMjkyMDU= </base64> + </value> +</param> +</params> +" +object(stdClass)#1 (2) { + ["xmlrpc_type"]=> + string(6) "base64" + ["scalar"]=> + int(73588229205) +} |