cve-2014-1943-mb.phpt   [plain text]

--TEST--
Bug #66731: file: infinite recursion
--SKIPIF--
<?php
if (!class_exists('finfo'))
	die('skip no fileinfo extension');
--FILE--
<?php
$fd = __DIR__.'/cve-2014-1943私はガラスを食べられます.data';
$fm = __DIR__.'/cve-2014-1943私はガラスを食べられます.magic';

$a = "\105\122\000\000\000\000\000";
$b = str_repeat("\001", 250000);
$m =  "0           byte        x\n".
      ">(1.b)      indirect    x\n";

file_put_contents($fd, $a);
$fi = finfo_open(FILEINFO_NONE);
var_dump(finfo_file($fi, $fd));
finfo_close($fi);

file_put_contents($fd, $b);
file_put_contents($fm, $m);
$fi = finfo_open(FILEINFO_NONE, $fm);
var_dump(finfo_file($fi, $fd));
finfo_close($fi);
?>
Done
--CLEAN--
<?php
@unlink(__DIR__.'/cve-2014-1943.data');
@unlink(__DIR__.'/cve-2014-1943.magic');
?>
--EXPECTF--
string(%d) "%s"

Warning: finfo_file(): Failed identify data 0:indirect recursion nesting (%d) exceeded in %s on line %d
bool(false)
Done