From: Wouter de Jong <wouter@wouterj.nl>
Date: Tue, 15 Oct 2024 10:18:46 +0200
Subject: Do not read from argv on non-CLI SAPIs
Origin: upstream, https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa
Bug: https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j
Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-50340
---
src/Symfony/Component/Runtime/SymfonyRuntime.php | 6 +++++-
src/Symfony/Component/Runtime/Tests/phpt/kernel.php | 8 +++++---
src/Symfony/Component/Runtime/Tests/phpt/kernel.phpt | 2 +-
.../Runtime/Tests/phpt/kernel_register_argc_argv.phpt | 18 ++++++++++++++++++
4 files changed, 29 insertions(+), 5 deletions(-)
create mode 100644 src/Symfony/Component/Runtime/Tests/phpt/kernel_register_argc_argv.phpt
diff --git a/src/Symfony/Component/Runtime/SymfonyRuntime.php b/src/Symfony/Component/Runtime/SymfonyRuntime.php
index 0ca9713..5612b3e 100644
--- a/src/Symfony/Component/Runtime/SymfonyRuntime.php
+++ b/src/Symfony/Component/Runtime/SymfonyRuntime.php
@@ -95,7 +95,7 @@ class SymfonyRuntime extends GenericRuntime
if (isset($options['env'])) {
$_SERVER[$envKey] = $options['env'];
- } elseif (isset($_SERVER['argv']) && class_exists(ArgvInput::class)) {
+ } elseif (empty($_GET) && isset($_SERVER['argv']) && class_exists(ArgvInput::class)) {
$this->options = $options;
$this->getInput();
}
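Review bot: The new `empty($_GET)` term on the elseif line is doing security work without saying so, and a later cleanup could easily "simplify" it away; a why-comment on that line would pin the intent, e.g. `// Never parse $_SERVER['argv'] when a query string is present: on non-CLI SAPIs with register_argc_argv=On it is derived from the request URL.` The condition is a proxy for "running under a web SAPI" rather than an explicit SAPI test, so a web request without query parameters still reaches getInput(); that looks deliberate, since argv then carries nothing from the URL, but the assumption deserves to be written down next to the check. The enclosing method starts and ends outside this hunk.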
@@ -216,6 +216,10 @@ class SymfonyRuntime extends GenericRuntime
private function getInput(): ArgvInput
{
+ if (!empty($_GET) && filter_var(ini_get('register_argc_argv'), \FILTER_VALIDATE_BOOL)) {
+ throw new \Exception('CLI applications cannot be run safely on non-CLI SAPIs with register_argc_argv=On.');
+ }
+
if (null !== $this->input) {
return $this->input;
}
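Review bot: The guard added at the top of getInput() throws a bare `\Exception`, which callers cannot tell apart from any other failure; a narrower SPL type such as `throw new \LogicException('CLI applications cannot be run safely on non-CLI SAPIs with register_argc_argv=On.');` would name the misconfiguration and match how the message reads. The predicate here (`!empty($_GET)` plus the ini check) is the near-inverse of the `empty($_GET)` test in the first hunk, so a reader has to reconcile two slightly different conditions; a one-line comment such as `// Defence in depth for callers that reach getInput() without passing through the $_GET check above.` would explain why both exist. getInput()'s body continues past the end of the hunk.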
diff --git a/src/Symfony/Component/Runtime/Tests/phpt/kernel.php b/src/Symfony/Component/Runtime/Tests/phpt/kernel.php
index ba29d34..b7c43c5 100644
--- a/src/Symfony/Component/Runtime/Tests/phpt/kernel.php
+++ b/src/Symfony/Component/Runtime/Tests/phpt/kernel.php
@@ -17,19 +17,21 @@ require __DIR__.'/autoload.php';
class TestKernel implements HttpKernelInterface
{
+ private $env;
private $var;
- public function __construct(string $var)
+ public function __construct(string $env, string $var)
{
+ $this->env = $env;
$this->var = $var;
}
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true): Response
{
- return new Response('OK Kernel '.$this->var);
+ return new Response('OK Kernel (env='.$this->env.') '.$this->var);
}
}
return function (array $context) {
- return new TestKernel($context['SOME_VAR']);
+ return new TestKernel($context['APP_ENV'], $context['SOME_VAR']);
};
diff --git a/src/Symfony/Component/Runtime/Tests/phpt/kernel.phpt b/src/Symfony/Component/Runtime/Tests/phpt/kernel.phpt
index e739eb0..e7df91e 100644
--- a/src/Symfony/Component/Runtime/Tests/phpt/kernel.phpt
+++ b/src/Symfony/Component/Runtime/Tests/phpt/kernel.phpt
@@ -9,4 +9,4 @@ require $_SERVER['SCRIPT_FILENAME'] = __DIR__.'/kernel.php';
?>
--EXPECTF--
-OK Kernel foo_bar
+OK Kernel (env=dev) foo_bar
diff --git a/src/Symfony/Component/Runtime/Tests/phpt/kernel_register_argc_argv.phpt b/src/Symfony/Component/Runtime/Tests/phpt/kernel_register_argc_argv.phpt
new file mode 100644
index 0000000..4da82d2
--- /dev/null
+++ b/src/Symfony/Component/Runtime/Tests/phpt/kernel_register_argc_argv.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Test HttpKernelInterface with register_argc_argv=1
+--INI--
+display_errors=1
+register_argc_argv=1
+--FILE--
+<?php
+
+// emulating PHP behavior with register_argc_argv=1
+$_GET['-e_test'] = '';
+$_SERVER['argc'] = 1;
+$_SERVER['argv'] = [' ', '-e', 'test'];
+
+require $_SERVER['SCRIPT_FILENAME'] = __DIR__.'/kernel.php';
+
+?>
+--EXPECTF--
+OK Kernel (env=dev) foo_bar
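Review bot: The new phpt only exercises the bypass path: `-e test` in `$_SERVER['argv']` is ignored because `$_GET` is non-empty, which is why `env=dev` appears in --EXPECTF--; the exception branch added to getInput() is not covered, so a regression that reaches it would go unnoticed. A second phpt that populates `$_GET`, keeps register_argc_argv=1 and asserts the `CLI applications cannot be run safely` message in its --EXPECTF-- would close that gap, though from this patch alone I cannot see how getInput() is reached other than via the elseif, so the fixture may need a direct call. The comment on the fixture's first statement could also say what is being emulated: `// register_argc_argv=On on a non-CLI SAPI: argv is split from the query string and $_GET mirrors it`.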