archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
php-src/ext/gd/tests/imagegd_nullbyte_injection.phpt
Peter Kokot d679f02295 Sync leading and final newlines in *.phpt sections 
This patch adds missing newlines, trims multiple redundant final
newlines into a single one, and trims redundant leading newlines in all
*.phpt sections.

According to POSIX, a line is a sequence of zero or more non-' <newline>'
characters plus a terminating '<newline>' character. [1] Files should
normally have at least one final newline character.

C89 [2] and later standards [3] mention a final newline:
"A source file that is not empty shall end in a new-line character,
which shall not be immediately preceded by a backslash character."

Although it is not mandatory for all files to have a final newline
fixed, a more consistent and homogeneous approach brings less of commit
differences issues and a better development experience in certain text
editors and IDEs.

[1] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_206
[2] https://port70.net/~nsz/c/c89/c89-draft.html#2.1.1.2
[3] https://port70.net/~nsz/c/c99/n1256.html#5.1.1.2
2018-10-15 04:33:09 +02:00

34 lines
909 B
PHP
Raw Blame History

--TEST--
Testing null byte injection in imagegd
--SKIPIF--
<?php
if(!extension_loaded('gd')){ die('skip gd extension not available'); }
?>
--CLEAN--
$tempdir = sys_get_temp_dir(). '/php-gdtest';
foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
rmdir($tempdir);
--FILE--
<?php
$image = imagecreate(1,1);// 1px image
$tempdir = sys_get_temp_dir(). '/php-gdtest';
if (!file_exists($tempdir) && !is_dir($tempdir)) {
mkdir ($tempdir, 0777, true);
}
$userinput = "1\0"; // from post or get data
$temp = $tempdir. "/test" . $userinput .".tmp";
echo "\nimagegd TEST\n";
imagegd($image, $temp);
var_dump(file_exists($tempdir. "/test1"));
var_dump(file_exists($tempdir. "/test1.tmp"));
foreach (glob($tempdir . "/test*") as $file ) { unlink($file); }
--EXPECTF--
imagegd TEST
Warning: imagegd() expects parameter 2 to be a valid path, string given in %s on line %d
bool(false)
bool(false)
Reference in a new issue View git blame Copy permalink