Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Unintended global scope access. Example shows that even if you don't intend for a variable to be global, any code (by you or a 3rd party) can gain access and have its way with it.
<?php
function innocent_function() {
global $foo;
$foo = new Foobar($foo);
}
class Foobar {
public function __construct($original_value) {
echo 'I just did something evil.' . PHP_EOL;
$this->original_value = $original_value;
}
public function __toString() {
return $this->original_value;
}
}
//EOF
<?php
$foo = 'bar';
function foobar() {
global $foo;
$foo = 'foo' . $foo;
}
foobar();
// Prints "foobar"
echo $foo . PHP_EOL;
// Include innocuous 3rd party library
include 'evil-include.php';
innocent_function();
// Does prints something evil and then prints original value of $foo
echo $foo . PHP_EOL;
//EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.