mirror of
https://github.com/php/php-src.git
synced 2025-08-16 22:18:50 +02:00
Fix bug #68089 - do not accept options with embedded \0
Conflicts: ext/curl/interface.c
This commit is contained in:
Stanislav Malyshev
parent
88eb7ea47d
commit
71b63fc701
2 changed files with 23 additions and 0 deletions
|
|
@ -169,6 +169,11 @@ static int php_curl_option_str(php_curl *ch, long option, const char *str, const
|
||||||
{
|
{
|
||||||
CURLcode error = CURLE_OK;
|
CURLcode error = CURLE_OK;
|
||||||
|
|
||||||
|
if (strlen(str) != len) {
|
||||||
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option contains invalid characters (\\0)");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
#if LIBCURL_VERSION_NUM >= 0x071100
|
#if LIBCURL_VERSION_NUM >= 0x071100
|
||||||
if (make_copy) {
|
if (make_copy) {
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
18
ext/curl/tests/bug68089.phpt
Normal file
18
ext/curl/tests/bug68089.phpt
Normal file
|
|
@ -0,0 +1,18 @@
|
||||||
|
--TEST--
|
||||||
|
Bug #68089 (NULL byte injection - cURL lib)
|
||||||
|
--SKIPIF--
|
||||||
|
<?php
|
||||||
|
include 'skipif.inc';
|
||||||
|
|
||||||
|
?>
|
||||||
|
--FILE--
|
||||||
|
<?php
|
||||||
|
$url = "file:///etc/passwd\0http://google.com";
|
||||||
|
$ch = curl_init();
|
||||||
|
var_dump(curl_setopt($ch, CURLOPT_URL, $url));
|
||||||
|
?>
|
||||||
|
Done
|
||||||
|
--EXPECTF--
|
||||||
|
Warning: curl_setopt(): Curl option contains invalid characters (\0) in %s/bug68089.php on line 4
|
||||||
|
bool(false)
|
||||||
|
Done
|
||||||
Loading…
Add table
Add a link
Reference in a new issue