|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2017-12-10 17:13 UTC] requinix@php.net
-Status: Open
+Status: Not a bug
[2017-12-10 17:13 UTC] requinix@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Apr 25 16:01:28 2024 UTC |
Description: ------------ Test script: When you trying to input like php:// wrapper, You can see it will error by php://filter/. I don't know why it's occur an error. so i just report this bug now. if it's input by user (i mean, file_get_contents() function), it can be connection by security vulnerability. in case, user are trying input to php://filter/ like that, the user are can make exploit to vuln maliciously. Test script: --------------- auth.php: <?php session_start(); // start session $_SESSION['auth'] = true; // set auth variable to true value file_get_contents("php://filter/"); // file_get_contents is have php://filter/ $_SESSION['auth'] = false; // set auth variable to false value ?> ---------------------------------------- auth_check.php: <?php session_start(); // start session echo $_SESSION['auth']; // print auth variable ?> Expected result: ---------------- It will stop by force. because file_get_contents("php://filter/") are occur an error. Actual result: -------------- This is occur an error and it can be break the code.