Overview

File php-composer2-CVE-2023-43655.patch of Package php-composer2.30901

diff --git a/bin/composer b/bin/composer
index 55391b9b629d..5a46937ca205 100755
--- a/bin/composer
+++ b/bin/composer
@@ -2,6 +2,11 @@
 <?php
 
 if (PHP_SAPI !== 'cli' && PHP_SAPI !== 'phpdbg') {
+    if (0 === strpos(__FILE__, 'phar:') && ini_get('register_argc_argv')) {
+        echo 'Composer cannot be run safely on non-CLI SAPIs with register_argc_argv=On. Aborting.'.PHP_EOL;
+        exit(1);
+    }
+
     echo 'Warning: Composer should be invoked via the CLI version of PHP, not the '.PHP_SAPI.' SAPI'.PHP_EOL;
 }
openSUSE Build Service is sponsored by
Places