Sophie: php-suhosin-1:0.9.35-1.mga4 x86

php-suhosin-0.9.35-1.mga4.x86_64.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

--TEST--
Include "../../../../../../../../../../../etc/passwd";
--SKIPIF--
<?php include "../skipifcli.inc"; ?>
--INI--
suhosin.log.syslog=0
suhosin.log.sapi=255
suhosin.log.script=0
suhosin.log.phpscript=0
suhosin.executor.include.whitelist=
suhosin.executor.include.blacklist=
suhosin.executor.include.max_traversal=3
--FILE--
<?php
	$var = dirname(__FILE__)."/../empty.inc";
	include $var;
	echo $value,"\n";
    $var = dirname(__FILE__)."/../../../../../../../../../../../etc/passwd";
    include $var;
?>
--EXPECTF--
value-from-empty.inc
ALERT - Include filename ('%s../../../../../../../../../../../etc/passwd') contains too many '../' (attacker 'REMOTE_ADDR not set', file '%s', line 6)