PHP  
 PHP_7_2
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

Valgrind Report for sapi/cli/tests/bug70264.phpt ('Bug #70264 (CLI server directory traversal)')

Script

1: <?php
2:
include "php_cli_server.inc";
3:
php_cli_server_start(nullnull);
4: echo 
file_get_contents("http://" PHP_CLI_SERVER_ADDRESS "/..\\CREDITS");
5: echo 
file_get_contents("http://" PHP_CLI_SERVER_ADDRESS "/..%5CCREDITS");
6:
?>
7:

Report

==23088== Jump to the invalid address stated on the next line
==23088==    at 0x4FE: ???
==23088==    by 0x40056AF: open_verify (in /lib64/ld-2.12.so)
==23088==    by 0x4005D5A: open_path (in /lib64/ld-2.12.so)
==23088==    by 0x4008973: _dl_map_object (in /lib64/ld-2.12.so)
==23088==    by 0x400C701: openaux (in /lib64/ld-2.12.so)
==23088==    by 0x400E5E8: _dl_catch_error (in /lib64/ld-2.12.so)
==23088==    by 0x400CDE4: _dl_map_object_deps (in /lib64/ld-2.12.so)
==23088==    by 0x40034C7: dl_main (in /lib64/ld-2.12.so)
==23088==    by 0x401640D: _dl_sysdep_start (in /lib64/ld-2.12.so)
==23088==    by 0x40014D3: _dl_start (in /lib64/ld-2.12.so)
==23088==    by 0x4000B37: ??? (in /lib64/ld-2.12.so)
==23088==    by 0x5: ???
==23088==  Address 0x4fe is not stack'd, malloc'd or (recently) free'd
==23088== 
==23088== 
==23088== Process terminating with default action of signal 11 (SIGSEGV)
==23088==  Bad permissions for mapped region at address 0x4FE
==23088==    at 0x4FE: ???
==23088==    by 0x40056AF: open_verify (in /lib64/ld-2.12.so)
==23088==    by 0x4005D5A: open_path (in /lib64/ld-2.12.so)
==23088==    by 0x4008973: _dl_map_object (in /lib64/ld-2.12.so)
==23088==    by 0x400C701: openaux (in /lib64/ld-2.12.so)
==23088==    by 0x400E5E8: _dl_catch_error (in /lib64/ld-2.12.so)
==23088==    by 0x400CDE4: _dl_map_object_deps (in /lib64/ld-2.12.so)
==23088==    by 0x40034C7: dl_main (in /lib64/ld-2.12.so)
==23088==    by 0x401640D: _dl_sysdep_start (in /lib64/ld-2.12.so)
==23088==    by 0x40014D3: _dl_start (in /lib64/ld-2.12.so)
==23088==    by 0x4000B37: ??? (in /lib64/ld-2.12.so)
==23088==    by 0x5: ???

 

Generated at Sun, 10 Feb 2019 05:24:25 +0000 (10 days ago)

Copyright © 2005-2019 The PHP Group
All rights reserved.