diff --git a/NEWS b/NEWS index d26148877670..fc8ef24ab073 100644 --- a/NEWS +++ b/NEWS @@ -174,6 +174,8 @@ PHP NEWS (Weilin Du) . getenv() and putenv() now raises a ValueError when the first argument contains null bytes. (Weilin Du) + . proc_open() now raises a ValueError when the $cwd argument contains + null bytes. (Weilin Du) - Streams: . Added so_keepalive, tcp_keepidle, tcp_keepintvl and tcp_keepcnt stream diff --git a/UPGRADING b/UPGRADING index 6c6115ebcc84..9da0b9801363 100644 --- a/UPGRADING +++ b/UPGRADING @@ -95,6 +95,8 @@ PHP 8.6 UPGRADE NOTES argument value is passed. . scandir() now raises a ValueError when an invalid $sorting_order argument value is passed. + . proc_open() now raises a ValueError when the $cwd argument contains + null bytes. - Zip: . ZipArchive::extractTo now raises a TypeError for the diff --git a/ext/standard/proc_open.c b/ext/standard/proc_open.c index edccbeae5646..111111406799 100644 --- a/ext/standard/proc_open.c +++ b/ext/standard/proc_open.c @@ -1240,7 +1240,7 @@ PHP_FUNCTION(proc_open) Z_PARAM_ARRAY_HT(descriptorspec) Z_PARAM_ZVAL(pipes) Z_PARAM_OPTIONAL - Z_PARAM_STRING_OR_NULL(cwd, cwd_len) + Z_PARAM_PATH_OR_NULL(cwd, cwd_len) Z_PARAM_ARRAY_HT_OR_NULL(environment) Z_PARAM_ARRAY_OR_NULL(other_options) ZEND_PARSE_PARAMETERS_END(); diff --git a/ext/standard/tests/general_functions/proc_open_cwd_null_bytes.phpt b/ext/standard/tests/general_functions/proc_open_cwd_null_bytes.phpt new file mode 100644 index 000000000000..faa86c824177 --- /dev/null +++ b/ext/standard/tests/general_functions/proc_open_cwd_null_bytes.phpt @@ -0,0 +1,18 @@ +--TEST-- +proc_open() rejects null bytes in cwd +--SKIPIF-- + +--FILE-- +getMessage(), "\n"; +} + +?> +--EXPECT-- +proc_open(): Argument #4 ($cwd) must not contain any null bytes