File: bug76359.phpt

package info (click to toggle)
php8.4 8.4.16-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 211,276 kB
  • sloc: ansic: 1,176,142; php: 35,419; sh: 11,964; cpp: 7,208; pascal: 4,951; javascript: 3,091; asm: 2,817; yacc: 2,411; makefile: 696; xml: 446; python: 301; awk: 148
file content (19 lines) | stat: -rw-r--r-- 491 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
--TEST--
Bug #76359 (open_basedir bypass through adding "..")
--FILE--
<?php
ini_set('open_basedir', __DIR__);
mkdir(__DIR__ . "/bug76359");
chdir(__DIR__ . "/bug76359");
var_dump(ini_set('open_basedir', ini_get('open_basedir') . PATH_SEPARATOR . ".."));
chdir("..");
chdir("..");
?>
--EXPECTF--
string(%d) "%ssecurity"

Warning: chdir(): open_basedir restriction in effect. File(..) is not within the allowed path(s): (%s) in %s on line %d
--CLEAN--
<?php
@rmdir(__DIR__ . "/bug76359");
?>