Skip to content

Commit 7ac4ebd

Browse files
GirgiasGirgias
committed
EXEC
1 parent 077687f commit 7ac4ebd

File tree

2 files changed

+27
-22
lines changed

2 files changed

+27
-22
lines changed

ext/standard/exec.c

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -220,12 +220,12 @@ static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
220220
ZEND_PARSE_PARAMETERS_END();
221221

222222
if (!cmd_len) {
223-
php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
224-
RETURN_FALSE;
223+
zend_argument_value_error(1, "cannot be empty");
224+
RETURN_THROWS();
225225
}
226226
if (strlen(cmd) != cmd_len) {
227-
php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
228-
RETURN_FALSE;
227+
zend_argument_type_error(1, "must not contain any null bytes");
228+
RETURN_THROWS();
229229
}
230230

231231
if (!ret_array) {
@@ -530,12 +530,12 @@ PHP_FUNCTION(shell_exec)
530530
ZEND_PARSE_PARAMETERS_END();
531531

532532
if (!command_len) {
533-
php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
534-
RETURN_FALSE;
533+
zend_argument_value_error(1, "cannot be empty");
534+
RETURN_THROWS();
535535
}
536536
if (strlen(command) != command_len) {
537-
php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
538-
RETURN_FALSE;
537+
zend_argument_type_error(1, "must not contain any null bytes");
538+
RETURN_THROWS();
539539
}
540540

541541
#ifdef PHP_WIN32

ext/standard/tests/misc/exec_basic1.phpt

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -8,18 +8,23 @@ exec, system, passthru — Basic command execution functions
88
--FILE--
99
<?php
1010
$cmd = "echo abc\n\0command";
11-
var_dump(exec($cmd, $output));
12-
var_dump($output);
13-
var_dump(system($cmd));
14-
var_dump(passthru($cmd));
11+
try {
12+
var_dump(exec($cmd, $output));
13+
} catch (\TypeError $e) {
14+
echo $e->getMessage() . \PHP_EOL;
15+
}
16+
try {
17+
var_dump(system($cmd, $output));
18+
} catch (\TypeError $e) {
19+
echo $e->getMessage() . \PHP_EOL;
20+
}
21+
try {
22+
var_dump(passthru($cmd, $output));
23+
} catch (\TypeError $e) {
24+
echo $e->getMessage() . \PHP_EOL;
25+
}
1526
?>
16-
--EXPECTF--
17-
Warning: exec(): NULL byte detected. Possible attack in %s on line %d
18-
bool(false)
19-
NULL
20-
21-
Warning: system(): NULL byte detected. Possible attack in %s on line %d
22-
bool(false)
23-
24-
Warning: passthru(): NULL byte detected. Possible attack in %s on line %d
25-
bool(false)
27+
--EXPECT--
28+
exec(): Argument #1 ($command) must not contain any null bytes
29+
system(): Argument #1 ($command) must not contain any null bytes
30+
passthru(): Argument #1 ($command) must not contain any null bytes

0 commit comments

Comments
 (0)