/
proc
/
3430793
/
root
/
usr
/
local
/
lsws
/
phpbuild
/
php-8.0.7
/
ext
/
standard
/
tests
/
serialize
/
File Upload :
llllll
Current File: //proc/3430793/root/usr/local/lsws/phpbuild/php-8.0.7/ext/standard/tests/serialize/bug68976.phpt
--TEST-- Bug #68976 Use After Free Vulnerability in unserialize() --FILE-- <?php class evilClass { public $name; function __wakeup() { unset($this->name); } } $fakezval = pack( 'IIII', 0x00100000, 0x00000400, 0x00000000, 0x00000006 ); $data = unserialize('a:2:{i:0;O:9:"evilClass":1:{s:4:"name";a:2:{i:0;i:1;i:1;i:2;}}i:1;R:4;}'); for($i = 0; $i < 5; $i++) { $v[$i] = $fakezval.$i; } var_dump($data); ?> --EXPECT-- array(2) { [0]=> object(evilClass)#1 (0) { } [1]=> int(1) }
Copyright ©2k19 -
Hexid
|
Tex7ure