xref: /PHP-8.1/ext/imap/tests/bug77153.phpt (revision 39131219)
1--TEST--
2Bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter)
3--EXTENSIONS--
4imap
5--CONFLICTS--
6defaultmailbox
7--FILE--
8<?php
9$payload = "echo 'BUG'> " . __DIR__ . '/__bug';
10$payloadb64 = base64_encode($payload);
11$server = "x -oProxyCommand=echo\t$payloadb64|base64\t-d|sh}";
12@imap_open('{'.$server.':143/imap}INBOX', '', '');
13// clean
14imap_errors();
15var_dump(file_exists(__DIR__ . '/__bug'));
16?>
17--EXPECT--
18bool(false)
19--CLEAN--
20<?php
21if(file_exists(__DIR__ . '/__bug')) unlink(__DIR__ . '/__bug');
22?>
23