xref: /PHP-7.2/ext/zip/tests/bug70350.phpt (revision 906f19f1)
1--TEST--
2Bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories)
3--SKIPIF--
4<?php
5if(!extension_loaded('zip')) die('skip');
6?>
7--FILE--
8<?php
9
10$dir = dirname(__FILE__)."/bug70350";
11mkdir($dir);
12$archive = new ZipArchive();
13$archive->open("$dir/a.zip",ZipArchive::CREATE);
14$archive->addEmptyDir("../down2/");
15$archive->close();
16
17$archive2 = new ZipArchive();
18$archive2->open("$dir/a.zip");
19$archive2->extractTo($dir);
20$archive2->close();
21var_dump(file_exists("$dir/down2/"));
22var_dump(file_exists("../down2/"));
23?>
24--CLEAN--
25<?php
26$dir = dirname(__FILE__)."/bug70350";
27rmdir("$dir/down2");
28unlink("$dir/a.zip");
29rmdir($dir);
30?>
31--EXPECT--
32bool(true)
33bool(false)
34