nyx/tests/dynamic_fixtures/php/fileio_positive.php

<?php
// File I/O — positive fixture.
// Vulnerable: reads file at user-controlled path without sanitization.
// Entry: runReadFile($userPath)  Cap: FILE_IO
// Expected verdict: Confirmed (../../../../etc/passwd → "root:" in output)

function runReadFile($userPath) {
    $filePath = '/var/data/' . $userPath;
    echo "__NYX_SINK_HIT__\n";
    $content = @file_get_contents($filePath);
    if ($content !== false) {
        echo $content;
    }
}
[pitboss] phase 05: M5 — JS/TS, Go, Java, PHP harness emitters 2026-05-12 02:20:55 -04:00			`<?php`
			`// File I/O — positive fixture.`
			`// Vulnerable: reads file at user-controlled path without sanitization.`
[pitboss/grind] deferred session-0015 (20260522T163126Z-7d60) 2026-05-22 18:03:08 -05:00			`// Entry: runReadFile($userPath) Cap: FILE_IO`
[pitboss] phase 05: M5 — JS/TS, Go, Java, PHP harness emitters 2026-05-12 02:20:55 -04:00			`// Expected verdict: Confirmed (../../../../etc/passwd → "root:" in output)`

[pitboss/grind] deferred session-0015 (20260522T163126Z-7d60) 2026-05-22 18:03:08 -05:00			`function runReadFile($userPath) {`
[pitboss] phase 05: M5 — JS/TS, Go, Java, PHP harness emitters 2026-05-12 02:20:55 -04:00			`$filePath = '/var/data/' . $userPath;`
			`echo "__NYX_SINK_HIT__\n";`
			`$content = @file_get_contents($filePath);`
			`if ($content !== false) {`
			`echo $content;`
			`}`
			`}`