summaryrefslogtreecommitdiff
path: root/ext/standard/tests/strings/bug38322.phpt
diff options
context:
space:
mode:
Diffstat (limited to 'ext/standard/tests/strings/bug38322.phpt')
-rw-r--r--ext/standard/tests/strings/bug38322.phpt13
1 files changed, 13 insertions, 0 deletions
diff --git a/ext/standard/tests/strings/bug38322.phpt b/ext/standard/tests/strings/bug38322.phpt
new file mode 100644
index 000000000..37f5a93f6
--- /dev/null
+++ b/ext/standard/tests/strings/bug38322.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Bug #38322 (reading past array in sscanf() leads to segfault/arbitary code execution)
+--FILE--
+<?php
+
+$str = "a b c d e";
+var_dump(sscanf("a ",'%1$s',$str));
+
+echo "Done\n";
+?>
+--EXPECTF--
+int(1)
+Done
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-14 05:02:12 +0000