Edit report at https://bugs.php.net/bug.php?id=61440&edit=1
ID: 61440
Comment by: aschulz4587 at gmail dot com
Reported by: aschulz4587 at gmail dot com
Summary: proc_open() and shell escaping
Status: Open
Type: Bug
Package: CGI/CLI related
Operating System: Vista/Win 7
PHP Version: 5.4.0
Block user comment: N
Private report: N
New Comment:
Note that this works if the bypass_shell flag it set. Also, popen() does not
suffer from this problem.
Previous Comments:
------------------------------------------------------------------------
[2012-03-19 18:23:01] aschulz4587 at gmail dot com
Description:
------------
proc_open() does not seem to handle shell escaping of the script paths properly.
Test script:
---------------
<?php
$pipes = array();
$process = proc_open(
'"php" "--version"',
#'php "--version"',
array(
0 => array( 'pipe', 'r' ), // input
1 => array( 'pipe', 'w' ), // output
2 => array( 'file', 'NUL', 'a' ) // error
),
$pipes // respective outputs
);
fclose( $pipes[0] );
var_dump( stream_get_contents( $pipes[1] ) );
fclose( $pipes[1] );
proc_close($process);
Expected result:
----------------
$ php shelltest.php
string(147) "PHP 5.3.4 (cli) (built: Dec 16 2010 00:06:20)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
"
Actual result:
--------------
$ php shelltest.php
string(0) ""
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=61440&edit=1
