xref: /PHP-7.0/ext/wddx/tests/bug70741.phpt (revision 472b2592)
1--TEST--
2Bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability)
3--SKIPIF--
4<?php
5if (!extension_loaded("wddx")) print "skip";
6if (!extension_loaded("session")) print "skip session extension not available";
7?>
8--FILE--
9<?php
10ini_set('session.serialize_handler', 'wddx');
11session_start();
12
13$hashtable = str_repeat('A', 66);
14$wddx = "<?xml version='1.0'?>
15<wddxPacket version='1.0'>
16<header/>
17	<data>
18		<string>$hashtable</string>
19	</data>
20</wddxPacket>";
21session_decode($wddx);
22?>
23DONE
24--EXPECTF--
25
26Warning: session_decode(): Failed to decode session object. Session has been destroyed in %s on line %d
27DONE