diff options
| author | Anatol Belski <ab@php.net> | 2018-11-10 20:07:25 +0100 |
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2018-11-10 20:07:25 +0100 |
| commit | b50d93bc115d96100893a2b6d0c71756f0f8b9e1 (patch) | |
| tree | af2b60c482150dacf9e2e24f0b719a26b8e34bc8 | |
| parent | 0e38909170b92ae3da5efd18b7b92df52c80051d (diff) | |
| parent | 3fd46e19ac3e8ef2950a65edef4c95fcd4c08242 (diff) | |
| download | php-git-b50d93bc115d96100893a2b6d0c71756f0f8b9e1.tar.gz | |
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fork test with pcre.jit=0
| -rw-r--r-- | ext/fileinfo/tests/cve-2014-3538-nojit.phpt | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/ext/fileinfo/tests/cve-2014-3538-nojit.phpt b/ext/fileinfo/tests/cve-2014-3538-nojit.phpt new file mode 100644 index 0000000000..2dc5ddbc5e --- /dev/null +++ b/ext/fileinfo/tests/cve-2014-3538-nojit.phpt @@ -0,0 +1,40 @@ +--TEST-- +Bug #66731: file: extensive backtraking, with pcre.jit=0 +--SKIPIF-- +<?php +if (defined("PHP_DEBUG") && PHP_DEBUG) + die("skip not suitable for debug build"); +if (!class_exists('finfo')) + die('skip no fileinfo extension'); +?> +--INI-- +pcre.jit=0 +--FILE-- +<?php +$fd = __DIR__.'/cve-2014-3538.data'; + +file_put_contents($fd, + 'try:' . + str_repeat("\n", 1000000)); + +$fi = finfo_open(FILEINFO_NONE); +$t = microtime(true); +var_dump(finfo_file($fi, $fd)); +$t = microtime(true) - $t; +finfo_close($fi); +if ($t < 1) { + echo "Ok\n"; +} else { + printf("Failed, time=%.2f\n", $t); +} + +?> +Done +--CLEAN-- +<?php +@unlink(__DIR__.'/cve-2014-3538.data'); +?> +--EXPECTF-- +string(%d) "%s" +Ok +Done |