#49861 [Opn->Csd]: htmlspecialchars() returns incorrect results for Unicode characters outside BMP
ID: 49861 Updated by: moriyo...@php.net Reported By: moriyo...@php.net -Status: Open +Status: Closed Bug Type: Strings related Operating System: * -PHP Version: 5.3SVN-2009-10-13 (SVN) +PHP Version: 5.3.0 New Comment: Just a reminder: this was already fixed along with bug #49785 in SVN. Previous Comments: [2009-10-13 09:00:42] moriyo...@php.net Description: htmlspecialchars() / htmlentities() returns incorrect results when an Unicode character whose codepoint is outside the range of BMP. Confirmed with 5.3.0, 5.3SVN. Reproduce code: --- Expected result: string(8) "f09080bc" Actual result: -- string(8) "266c743b" -- Edit this bug report at http://bugs.php.net/?id=49861&edit=1
#49858 [NEW]: Compile flag --with-libxml-dir don't work as expected
From: me at madjack dot ru Operating system: Mac Os X 10.5.7 PHP version: 5.3SVN-2009-10-13 (snap) PHP Bug Type: *Compile Issues Bug description: Compile flag --with-libxml-dir don't work as expected Description: I have 3 or more different libxml2 libraries in the system. Standard MacOS X libxml2 located in /usr/lib and has version 9.0. When i compile PHP of any version begin from 5.3.0 include last snap with flag --with- pdo-pgsql it compiles fine, but PostgreSQL 8.4 has own libxml2 version 10.0.1 and can't compile with libxml2 9.0. So without postgresql php compiles fine, but with postgresql it compiles fine but don't run. It says error: dyld: Library not loaded: libxml2.2.dylib Referenced from: /Volumes/DevHD/Developer/Sources/php/php5.3- 200910120830/sapi/cli/php Reason: Incompatible library version: php requires version 10.0.0 or later, but libxml2.2.dylib provides version 9.0.0 Reproduce code: --- Configure and make script cut here #!/bin/sh ./configure --disable-all \ --with-interbase \ --with-apxs2 \ --enable-libxml \ --with-pcre-regex=yes \ --with-regex=php \ --with-zend-vm=CALL \ --enable-zend-multibyte \ --disable-ipv6 \ --prefix=/usr/local \ --with-zlib \ --enable-soap \ --enable-dom \ --enable-session \ --enable-libxml \ --with-libxml-dir=/Library/PostgreSQL/8.4 \ --enable-simplexml \ --enable-xml \ --enable-tokenizer \ --enable-json \ --enable-pdo \ --with-pdo-firebird=/Library/Frameworks/Firebird.framework \ --with-pdo-pgsql=/Library/PostgreSQL/8.4 \ --with-pear \ --with-xsl make "EXTRA_INCLUDES=-I/Library/Frameworks/Firebird.framework/Versions/A/Headers/" \ "EXTRA_LIBS=-lresolv -lexslt -lpq -lfbclient -lz -lm -lxml2 -licucore -lxslt" echo "" echo "Test for compilance with libxml2" echo "" otool -L ./sapi/cli/php echo "" ./sapi/cli/php -v cut here Expected result: Php must use libxml2 not from /usr/lib. It must use libxml2 from /Library/PostgreSQL/8.4/lib. Actual result: -- Build complete. Don't forget to run 'make test'. Test for compilance with libxml2 ./sapi/cli/php: /usr/lib/libresolv.9.dylib (compatibility version 1.0.0, current version 25.0.2) /usr/lib/libexslt.0.dylib (compatibility version 9.0.0, current version 9.10.0) libpq.5.dylib (compatibility version 5.0.0, current version 5.2.0) /Library/Frameworks/Firebird.framework/Versions/A/Firebird (compatibility version 2.0.5, current version 2.0.5) /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.3) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 111.1.4) libxml2.2.dylib (compatibility version 10.0.0, current version 10.1.0) /usr/lib/libicucore.A.dylib (compatibility version 1.0.0, current version 36.0.0) /usr/lib/libxslt.1.dylib (compatibility version 3.0.0, current version 3.12.0) /usr/lib/libgcc_s.1.dylib (compatibility version 1.0.0, current version 1.0.0) dyld: Library not loaded: libxml2.2.dylib Referenced from: /Volumes/DevHD/Developer/Sources/php/php5.3- 200910120830/./sapi/cli/php Reason: Incompatible library version: php requires version 10.0.0 or later, but libxml2.2.dylib provides version 9.0.0 ./rebuild.sh: line 37: 1892 Trace/BPT trap ./sapi/cli/php -v -- Edit bug report at http://bugs.php.net/?id=49858&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49858&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49858&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49858&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49858&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49858&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49858&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49858&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49858&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49858&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49858&r=support Expected behavior: http://bugs.php.net/fix.php?id=49858&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49858&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49858&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49858&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49858&r=php4 Daylight Savings:http://bugs.php.net/fi
#49859 [NEW]: PHP_FCGI_CHILDREN not work
From: loki5100-nospam at yahoo dot fr Operating system: Windows Vista PHP version: 5.3.0 PHP Bug Type: PHP options/info functions Bug description: PHP_FCGI_CHILDREN not work Description: i found a bug in PHP-cgi.exe I use Php-cgi as fastCgi php-cgi.exe -b host:port i set in environement variables this : PHP_FCGI_CHILDREN=8 PHP_FCGI_MAX_REQUESTS=1000 in the task manager i see only one Php-cgi.exe process (when normaly i must see 9 process no?) and after i send more than 1000 request the php-cgi.exe process died ! and i must manually restart it! that not a normal behavior when PHP_FCGI_CHILDREN is > 1 Reproduce code: --- set in environement variables : PHP_FCGI_CHILDREN=8 PHP_FCGI_MAX_REQUESTS=1000 exec: php-cgi.exe -b 127.0.0.1:9000 see in task manager only one Php-cgi.exe process send more than 1000 request to php-cgi.exe, the process will die and you will need to manually restart it ! Expected result: process must be restarted automatiquely Actual result: -- the main process die and you need to manually restart it ! -- Edit bug report at http://bugs.php.net/?id=49859&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49859&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49859&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49859&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49859&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49859&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49859&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49859&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49859&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49859&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49859&r=support Expected behavior: http://bugs.php.net/fix.php?id=49859&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49859&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49859&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49859&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49859&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49859&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49859&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49859&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49859&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49859&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49859&r=mysqlcfg
#49861 [NEW]: htmlspecialchars() returns incorrect results for Unicode characters outside BMP
From: moriyo...@php.net Operating system: * PHP version: 5.3SVN-2009-10-13 (SVN) PHP Bug Type: Strings related Bug description: htmlspecialchars() returns incorrect results for Unicode characters outside BMP Description: htmlspecialchars() / htmlentities() returns incorrect results when an Unicode character whose codepoint is outside the range of BMP. Confirmed with 5.3.0, 5.3SVN. Reproduce code: --- Expected result: string(8) "f09080bc" Actual result: -- string(8) "266c743b" -- Edit bug report at http://bugs.php.net/?id=49861&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49861&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49861&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49861&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49861&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49861&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49861&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49861&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49861&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49861&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49861&r=support Expected behavior: http://bugs.php.net/fix.php?id=49861&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49861&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49861&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49861&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49861&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49861&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49861&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49861&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49861&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49861&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49861&r=mysqlcfg
#49858 [Com]: Compile flag --with-libxml-dir don't work as expected
ID: 49858 Comment by: me at madjack dot ru Reported By: me at madjack dot ru Status: Open Bug Type: *Compile Issues Operating System: Mac Os X 10.5.7 PHP Version: 5.3SVN-2009-10-13 (snap) New Comment: The only way to fix this bug for me: Configure php with all needed options, Then remove libxml2 binaries from /Library/PostgreSQL/8.4/lib compile and install php, restore libs to PostgreSQL home. Previous Comments: [2009-10-13 07:18:30] me at madjack dot ru Description: I have 3 or more different libxml2 libraries in the system. Standard MacOS X libxml2 located in /usr/lib and has version 9.0. When i compile PHP of any version begin from 5.3.0 include last snap with flag --with- pdo-pgsql it compiles fine, but PostgreSQL 8.4 has own libxml2 version 10.0.1 and can't compile with libxml2 9.0. So without postgresql php compiles fine, but with postgresql it compiles fine but don't run. It says error: dyld: Library not loaded: libxml2.2.dylib Referenced from: /Volumes/DevHD/Developer/Sources/php/php5.3- 200910120830/sapi/cli/php Reason: Incompatible library version: php requires version 10.0.0 or later, but libxml2.2.dylib provides version 9.0.0 Reproduce code: --- Configure and make script cut here #!/bin/sh ./configure --disable-all \ --with-interbase \ --with-apxs2 \ --enable-libxml \ --with-pcre-regex=yes \ --with-regex=php \ --with-zend-vm=CALL \ --enable-zend-multibyte \ --disable-ipv6 \ --prefix=/usr/local \ --with-zlib \ --enable-soap \ --enable-dom \ --enable-session \ --enable-libxml \ --with-libxml-dir=/Library/PostgreSQL/8.4 \ --enable-simplexml \ --enable-xml \ --enable-tokenizer \ --enable-json \ --enable-pdo \ --with-pdo-firebird=/Library/Frameworks/Firebird.framework \ --with-pdo-pgsql=/Library/PostgreSQL/8.4 \ --with-pear \ --with-xsl make "EXTRA_INCLUDES=-I/Library/Frameworks/Firebird.framework/Versions/A/Headers/" \ "EXTRA_LIBS=-lresolv -lexslt -lpq -lfbclient -lz -lm -lxml2 -licucore -lxslt" echo "" echo "Test for compilance with libxml2" echo "" otool -L ./sapi/cli/php echo "" ./sapi/cli/php -v cut here Expected result: Php must use libxml2 not from /usr/lib. It must use libxml2 from /Library/PostgreSQL/8.4/lib. Actual result: -- Build complete. Don't forget to run 'make test'. Test for compilance with libxml2 ./sapi/cli/php: /usr/lib/libresolv.9.dylib (compatibility version 1.0.0, current version 25.0.2) /usr/lib/libexslt.0.dylib (compatibility version 9.0.0, current version 9.10.0) libpq.5.dylib (compatibility version 5.0.0, current version 5.2.0) /Library/Frameworks/Firebird.framework/Versions/A/Firebird (compatibility version 2.0.5, current version 2.0.5) /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.3) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 111.1.4) libxml2.2.dylib (compatibility version 10.0.0, current version 10.1.0) /usr/lib/libicucore.A.dylib (compatibility version 1.0.0, current version 36.0.0) /usr/lib/libxslt.1.dylib (compatibility version 3.0.0, current version 3.12.0) /usr/lib/libgcc_s.1.dylib (compatibility version 1.0.0, current version 1.0.0) dyld: Library not loaded: libxml2.2.dylib Referenced from: /Volumes/DevHD/Developer/Sources/php/php5.3- 200910120830/./sapi/cli/php Reason: Incompatible library version: php requires version 10.0.0 or later, but libxml2.2.dylib provides version 9.0.0 ./rebuild.sh: line 37: 1892 Trace/BPT trap ./sapi/cli/php -v -- Edit this bug report at http://bugs.php.net/?id=49858&edit=1
#49857 [Opn->Fbk]: DST in Brazil will only begin in October 18th, not in 11th !!!
ID: 49857 Updated by: paj...@php.net Reported By: heitor dot siller at gmail dot com -Status: Open +Status: Feedback Bug Type: Date/time related Operating System: RHEL 5 PHP Version: 5.2.11 New Comment: Please try using this snapshot: http://snaps.php.net/php5.3-latest.tar.gz For Windows: http://windows.php.net/snapshots/ Previous Comments: [2009-10-13 03:30:34] heitor dot siller at gmail dot com Description: DST in Brazil will only begin in October 18th, but PHP considered it has already started on October 11th. This is causing very significant problems in Brasilian web systems! DST in Brazil are weird, I mean, its rules changes every year. This year president Lula imposed it will begin every third October's sundays and will ends in the third February's sundays. Although now there is a general rule, there is still problems. For example: some Brazilian states just don't accept DST and they often win processes in justice to not follow DST. Other potential problem is there is 4 different time zones in Brazilian's huge territory (that is even bigger than continental USA), and "normally" only one has DST, who is "Brazil/East". To be honest, I can't see a simple solution for this bug, but what I'm sure is that a lot of people in Brazil will face a buggy week between October 11th and 18th! Reproduce code: --- Try to run in PHP an then compare to "SELECT localtime" in MySQL Expected result: PHP result will show a date 1 hour ahead of MySQL's Actual result: -- PHP: 2009-10-13 01:27:37 MYSQL 2009-10-13 00:27:37 -- Edit this bug report at http://bugs.php.net/?id=49857&edit=1
#48289 [Com]: iconv_mime_encode() quoted-printable scheme is broken
ID: 48289
Comment by: rosier at interstroom dot nl
Reported By: astax dot t at gmail dot com
Status: Open
Bug Type: ICONV related
Operating System: Windows
PHP Version: 5.2CVS-2009-05-15 (snap)
New Comment:
// PHP version: 5.3.0
echo 'PHP version: ' . phpversion();
$subject =
base64_decode('VEVTVCDigJMg0KMg0L3QsNGBINC10YHRgtGMINGC0L4sINGH0YLQviDQktCw0Lwg0L3Rg9C20L3QviAtIFRFU1Q=');
$preferences = array(
'line-length' => 500,
'input-charset' => 'UTF-8',
'output-charset' => 'UTF-8',
'scheme' => 'Q'
);
$result = iconv_mime_encode('Subject', $subject, $preferences);
// OK: $result = string
var_dump($result);
$preferences = array(
'line-length' => 76,
'input-charset' => 'UTF-8',
'output-charset' => 'UTF-8',
'scheme' => 'Q'
);
$result = iconv_mime_encode('Subject', $subject, $preferences);
// WRONG: $result = FALSE
var_dump($result);
Previous Comments:
[2009-07-10 03:02:15] astax dot t at gmail dot com
dypa at bk dot ru: Please make sure you use Windows-1251 charset
everywhere when you copy and paste test content. Everywhere means in
browser and in text editor.
In your case I think iconv fails because you pasted the text in
ISO-8859-1 charset.
[2009-07-09 19:13:25] support at canada-brand dot com
http://www.canada-brand.com
[2009-05-16 17:45:48] dypa at bk dot ru
all tests give error:
Notice: iconv_mime_encode() [function.iconv-mime-encode]: Unknown error
(7) in /var/www/def.php on line 12
u...@localhost:/rss$ php -v
PHP 5.2.6-3ubuntu4.1 with Suhosin-Patch 0.9.6.2 (cli) (built: Apr 23
2009 14:35:05)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
iconv
iconv support enabled
iconv implementationglibc
iconv library version 2.9
[2009-05-15 03:29:33] astax dot t at gmail dot com
Description:
When used with "Q" scheme, iconv_mime_encode produces wrong results,
crashes of hangs. I suspect this happens with long (though not VERY
long) strings.
Lines are not correctly wrapped with "line-break-chars" parameter.
In reproduce code note missing linebreaks in encoded string and
duplicated second word in decoded string.
Reproduce code:
---
// Content below is in Windows-1251 charset
$str = 'Ôèëèàë "Çàïàäíî-Ñèáèðñêèé" ÎÀÎ "Ñîáèíáàíê" ðàä ïðåäñòàâèòü';
$par = array(
'scheme' => 'Q',
'input-charset' => 'CP1251',
'output-charset' => 'CP1251',
'line-length' => 74,
);
$res = iconv_mime_encode('Subject', $str, $par);
echo $res."\n";
$res = iconv_mime_decode($res, ICONV_MIME_DECODE_CONTINUE_ON_ERROR,
'CP1251');
echo $res."\n";
=
Second example:
$str = 'Òåñò òåñò òåñò òåñò òåñò òåñò òåñò òåñò òåñò òåñò òåñò òåñò
òåñò òåñò òåñò';
$par = array(
'scheme' => 'Q',
'input-charset' => 'CP1251',
'output-charset' => 'CP1251',
);
$res = iconv_mime_encode('Subject', $str, $par);
echo $res."\n";
Expected result:
Subject: =?CP1251?Q?=D4=E8=EB=E8?==?CP1251?Q?=E0=EB=20?==?CP1251?Q?"?=
=?CP1251?Q?=C7=E0=EF=E0=E4=ED=EE-=D1=E8=E1=E8=F0=F1=EA=E8=E9"=20=CE=C0=CE?=
=?CP1251?Q?=20"=D1=EE=E1=E8=ED=E1=E0=ED=EA"=20=F0=E0=E4=20=EF=F0?=
=?CP1251?Q?=E5=E4=F1=F2=E0=E2=E8=F2=FC?=
Subject: Ôèëèàë "Çàïàäíî-Ñèáèðñêèé" ÎÀÎ "Ñîáèíáàíê" ðàä
ïðåäñòàâèòü
=
Second example:
expected encoded string to be displayed
Actual result:
--
Subject:
=?CP1251?Q?=D4=E8=EB=E8?==?CP1251?Q?=E0=EB=20?==?CP1251?Q?"=C7=E0=EF=E0=E4=ED?==?CP1251?Q?"=C7=E0=EF=E0=E4=ED=EE-=D1=E8=E1=E8=F0=F1=EA=E8=E9"=20=CE=C0=CE=20"=D1=EE=E1=E8=ED=E1=E0=ED=EA"=20=F0=E0=E4=20=EF=F0=E5=E4=F1=F2=E0=E2=E8=F2=FC?=
Subject: Ôèëèàë "Çàïàäí"Çàïàäíî-Ñèáèðñêèé" ÎÀÎ "Ñîáèíáàíê" ðàä
ïðåäñòàâèòü
=
Second example:
PHP hangs
--
Edit this bug report at http://bugs.php.net/?id=48289&edit=1
#45808 [Com]: stream_socket_enable_crypto() blocks and eats CPU
ID: 45808
Comment by: vincent at optilian dot com
Reported By: six at aegis-corp dot org
Status: Assigned
Bug Type: Streams related
Operating System: Linux 2.6
PHP Version: 5.3.0alpha1
Assigned To: pajoye
New Comment:
Actually I fixed some things in the patch, see below ...
It makes more sense to test whether the socket is in blocking mode,
even if a client ssl socket doesn't need multiple calls to
stream_socket_enable_crypto()
--- xp_ssl.c.orig 2009-10-12 19:34:31.0 +0200
+++ xp_ssl.c2009-10-13 12:30:24.0 +0200
@@ -299,8 +299,12 @@
SSL_METHOD *method;
if (sslsock->ssl_handle) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS already
set-up
for this stream");
- return -1;
+ if (sslsock->s.is_blocked) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS
already set-up
for this stream");
+ return -1;
+ } else {
+ return 0;
+ }
}
/* need to do slightly different things, based on client/server
method,
@@ -415,7 +419,7 @@
}
if (n <= 0) {
- retry = handle_ssl_error(stream, n, 1
TSRMLS_CC);
+ retry = handle_ssl_error(stream, n,
sslsock->is_client ||
sslsock->s.is_blocked TSRMLS_CC);
} else {
break;
}
Previous Comments:
[2009-10-12 20:50:36] vincent at optilian dot com
Here is a patch to fix this issue (diff against 5.3.0)
As far as I have tested, everything works as expected with this patch
applied.
--- xp_ssl.c.orig 2009-10-12 19:34:31.0 +0200
+++ xp_ssl.c2009-10-12 20:39:19.0 +0200
@@ -299,8 +299,12 @@
SSL_METHOD *method;
if (sslsock->ssl_handle) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS already
set-up
for this stream");
- return -1;
+ if (sslsock->is_client) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS
already set-up
for this stream");
+ return -1;
+ } else {
+ return 0;
+ }
}
/* need to do slightly different things, based on client/server
method,
@@ -415,7 +419,7 @@
}
if (n <= 0) {
- retry = handle_ssl_error(stream, n, 1
TSRMLS_CC);
+ retry = handle_ssl_error(stream, n,
sslsock->is_client
TSRMLS_CC);
} else {
break;
}
[2009-08-18 16:15:00] garre...@php.net
FYI:
I can't repro this on Windows with the build off the snaps' box (VC9
x86 Non Thread Safe (2009-Aug-18 16:00:00)).
It:
blocks until connection using telnet[expected]
doens't consume any CPU[expected]
and returns 'bool(false)' [expected -- I assume the same as
'int(0)']
and exits[expected]
G
[2008-10-30 11:03:57] xl269 at cam dot ac dot uk
just to confirm that this bug still exists in php5.3-200810292330
[2008-09-25 17:59:37] singularity_control at rcpt dot at
This makes a serious security issue. It is a very effective DoS on
all single process PHP servers with SSL and a slightly less bad DoS on
multi-process PHP servers.
[2008-09-25 16:07:31] nasam at mailvault dot com
Bug is in ext/openssl/xp_ssl.c
Function handle_ssl_error: (line 107)
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
/* re-negotiation, or perhaps the SSL layer needs more
* packets: retry in next iteration */
errno = EAGAIN;
retry = is_init ? 1 : sslsock->s.is_blocked; //BUG
break;
it sets retry to 1 in php_openssl_enable_crypto no matter if socket is
blocking or not.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/45808
--
Edit this bug report at http://bugs.php.net/?id=45808&edit=1
#49853 [Opn]: Soap Client stream context option is ignored
ID: 49853
Updated by: sjo...@php.net
Reported By: rumana024 at yahoo dot com
Status: Open
Bug Type: SOAP related
Operating System: Windows XP
PHP Version: 5.2SVN-2009-10-12 (SVN)
New Comment:
Thank you for your bug report.
Please try 'http' as wrapper name instead of 'https'.
Previous Comments:
[2009-10-12 23:18:28] rumana024 at yahoo dot com
Description:
Hi:
I am using PHP Soap PHP-SOAP/5.2.9-2 to connect to a web service. Part
of the reqiurment is that , few http headers need to be as part of the
request, but not part of the soap envelope. I am using the stream
context option and add the http headers with that option. Unfortunately,
the stream context is not being read at all.
Reproduce code:
---
Here is my code
$opts = array(
'https'=>array(
'method'=>"GET",
'header'=>'X-SECURITY-USERID: seller_1253314668_biz_api1.x.com\r\n'
.
'X-SECURITY-PASSWORD: 1253314679\r\n' .
'X-SECURITY-SIGNATURE:
AtQaNHC.hbpghF5uGCRO99PVY6a2ASO58V7ki3.SAb3vQzBlBAxEyi0b\r\n' .
'X-SERVICE-VERSION: 1.2.0\r\n' .
'X-MESSAGE-PROTOCOL: SOAP11\r\n' .
'X-REQUEST-SOURCE: PLATFORM_JAVA_SOAP_SAMPLE_V1\r\n' .
'X-APPLICATION-ID: APP-80W284485P519543T\r\n'));
$context = stream_context_create($opts);
$soapClient = new SoapClient(null,array('location' =>
"https://svcs.sandbox.x.com/AP/Method1/";,
'uri' =>
"http://svcs.x.com/types/ap";,
'soap_version' => SOAP_1_1,
'trace' => 1, 'stream_context' => $context));
Expected result:
Security Credential are going as HTTP Headers and the Http headers are
contained in the context parameter. I get the result Invalid User name
and Password. So the context is not going through at all.
I know for sure the credentials are valid.
I know other option parameter like 'location', 'uri' are working.Please
advice how to fix this problem.
--
Edit this bug report at http://bugs.php.net/?id=49853&edit=1
#49855 [Opn->Ver]: import_request_variables always return false in any codition.
ID: 49855
Updated by: sjo...@php.net
Reported By: easyeagel at gmx dot com
-Status: Open
+Status: Verified
Bug Type: HTTP related
Operating System: Linux
PHP Version: 5.2.11
New Comment:
Actually, it seems to return null, not false.
Previous Comments:
[2009-10-13 02:16:16] easyeagel at gmx dot com
Description:
the import_request_variables always return false in any condition.
Reproduce code:
---
---
>From manual page: function.import-request-variables#Return Values
---
if(import_request_variables('p', 'post_'))
{
echo "unimport the request";
phpinfo();
}
if(isset($post_username))
{
echo "", $post_username, "";
}
if(isset($post_email))
{
echo "", $post_email, "";
}
if(isset($post_message))
{
echo "", $post_message, "";
}
Expected result:
I think the import_request_varibles return true
Actual result:
--
it return false, and return false anytime, if I run php5 in command
line or in apache.
--
Edit this bug report at http://bugs.php.net/?id=49855&edit=1
#49814 [Opn->Csd]: htmlentities/htmlspecialchars accept partial multibyte sequences still
ID: 49814
User updated by: hello at iwamot dot com
Reported By: hello at iwamot dot com
-Status: Open
+Status: Closed
Bug Type: Strings related
Operating System: *
PHP Version: 5.3.2-dev
New Comment:
I received a message from Moriyoshi. According to him,
htmlentities/htmlspecialchars must accept [\x80 - \x8d], because they
are not a lead byte. Then application developers may use those as some
sort of control codes.
I agree with him, and close this report. Thank you all for your
kindness.
Previous Comments:
[2009-10-11 07:16:27] hello at iwamot dot com
First of all, thank you for your fixing bug #49785. But it seems to me
that htmlentities/htmlspecialchars must not accept [\x80 - \x8d] when
EUC-JP is specified. If I'm right, I hope they will be fixed. Or close
this report please. Thanks.
[2009-10-09 16:46:23] hello at iwamot dot com
Yes it is. Many thanks for your time and help!
[2009-10-09 11:50:13] mcdmaster at auone dot jp
Sorry but this issue is the same as bug #49785, isn't it?
[2009-10-08 14:15:55] hello at iwamot dot com
Description:
PHP 5 ChangelLog says "Fixed htmlentities/htmlspecialchars not to
accept partial multibyte sequences."
http://www.php.net/ChangeLog-5.php#5.2.5
But it has not been fixed in reality. Please correct the log, or
investigate my patch.
http://iwamot.com/misc/html.c.patch.20091008
Reproduce code:
---
// Shift_JIS
echo htmlspecialchars("\x80", ENT_QUOTES, 'Shift_JIS') . "!\n";
echo htmlspecialchars("\x81/", ENT_QUOTES, 'Shift_JIS') . "!\n";
// EUC-JP
echo htmlspecialchars("\x80", ENT_QUOTES, 'EUC-JP'). "!\n";
echo htmlspecialchars("\xA1/", ENT_QUOTES, 'EUC-JP'). "!\n";
Expected result:
returning empty string (as well as my patch):
!
!
!
!
or sanitizing:
!
/!
!
/!
Actual result:
--
_!
_/!
_!
_/!
("_" means an invalid byte)
--
Edit this bug report at http://bugs.php.net/?id=49814&edit=1
#35368 [Com]: PDO query does not work properly with serialize
ID: 35368 Comment by: sales at fbib2b dot com Reported By: lists at cyberlot dot net Status: Suspended Bug Type: PDO related Operating System: * PHP Version: 6CVS, 5CVS Assigned To: wez New Comment: The http://www.fbib2b.com/ugg-boots-ugg-classic-mini-c-1_11_17.html";>ugg classic mini secret of being miserable http://www.fbib2b.com/shoes-gucci-shoes-c-1_55.html";>men gucci shoes is to have leisure http://www.fbib2b.com/shoes-louis-vuitton-lv-shoes-c-1_154.html";>LV boots sale bother about whether you are happy or not http://www.fbib2b.com/shoes-nike-dunk-sb-shoes-c-1_341.html";>nike dunk SB. nike air max 90,nike air force one,high dunk sb Previous Comments: [2009-10-12 01:57:01] yanshao at 126 dot com http://www.hotuggsale.co.uk/infants-erin-ugg-boots.html Infants Erin Ugg Boots The Bailey Button UGG Boots from UGG Australia are a new addition this year (2009) to the lineup of classics for women. They have an interesting, unique look while still maintaining the basic traditional "classic" design that has become so well known in the fashion world. [2009-09-29 07:17:25] yqj0033 at 163 dot com Taylor Swift attended the 2008 CMT Music Awards which was held at the Curb Events Center at Belmont University on Monday in Nashville Tennessee. The young singer also performed on the show and even picked up the award for Best Female Video for her hit single ¡®Our Song¡¯. The 18-year old singer could barely believe she won, saying ¡°Are you serious? I can¡¯t even believe this.¡± And who would when the rest of the nominees included Carrie Underwood, LeAnn Rimes, Martina McBride and Miranda Lambert? Congrats Taylor! You may have been in the company of stiff competition but you definitely deserved it! http://www.purchaseuggboots.com/ [2009-09-25 08:43:17] 1 at QQ dot COM http://www.uggboots100.co.uk ugg boots http://www.myuggboots100.com ugg boots sale [2009-09-21 07:45:22] spfaoct at hotmail dot com http://www.uggshelf.com/Products.html";>ugg Boots [2009-09-18 00:49:41] wo at 126 dot com Warhammer online CDkey are the codes which be used to active your http://www.chihaironline.com/chi hair straighteners. Warhammer online accounts then will be needed after your http://www.chihaironline.com /chi hair tools have been activated. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/35368 -- Edit this bug report at http://bugs.php.net/?id=35368&edit=1
#35368 [Com]: PDO query does not work properly with serialize
ID: 35368 Comment by: sales at uggca dot com Reported By: lists at cyberlot dot net Status: Suspended Bug Type: PDO related Operating System: * PHP Version: 6CVS, 5CVS Assigned To: wez New Comment: http://www.uggca.com/ugg-australia-classic-cardy-c-3.html";>ugg classic cardyTo mourn a mischief http://www.uggca.com/ugg-classic-mini-c-5.html";>ugg classic mini that is pastand gone is the next http://www.uggca.com/ugg-classic-tall-c-8.html";>ugg classic tall way to draw new mischief on http://www.uggca.com/ugg-classic-short-c-6.html";> ugg classic short. ugg boots sale,ugg classic mini,ugg classic tall Previous Comments: [2009-10-13 15:29:45] sales at fbib2b dot com The http://www.fbib2b.com/ugg-boots-ugg-classic-mini-c-1_11_17.html";>ugg classic mini secret of being miserable http://www.fbib2b.com/shoes-gucci-shoes-c-1_55.html";>men gucci shoes is to have leisure http://www.fbib2b.com/shoes-louis-vuitton-lv-shoes-c-1_154.html";>LV boots sale bother about whether you are happy or not http://www.fbib2b.com/shoes-nike-dunk-sb-shoes-c-1_341.html";>nike dunk SB. nike air max 90,nike air force one,high dunk sb [2009-10-12 01:57:01] yanshao at 126 dot com http://www.hotuggsale.co.uk/infants-erin-ugg-boots.html Infants Erin Ugg Boots The Bailey Button UGG Boots from UGG Australia are a new addition this year (2009) to the lineup of classics for women. They have an interesting, unique look while still maintaining the basic traditional "classic" design that has become so well known in the fashion world. [2009-09-29 07:17:25] yqj0033 at 163 dot com Taylor Swift attended the 2008 CMT Music Awards which was held at the Curb Events Center at Belmont University on Monday in Nashville Tennessee. The young singer also performed on the show and even picked up the award for Best Female Video for her hit single ¡®Our Song¡¯. The 18-year old singer could barely believe she won, saying ¡°Are you serious? I can¡¯t even believe this.¡± And who would when the rest of the nominees included Carrie Underwood, LeAnn Rimes, Martina McBride and Miranda Lambert? Congrats Taylor! You may have been in the company of stiff competition but you definitely deserved it! http://www.purchaseuggboots.com/ [2009-09-25 08:43:17] 1 at QQ dot COM http://www.uggboots100.co.uk ugg boots http://www.myuggboots100.com ugg boots sale [2009-09-21 07:45:22] spfaoct at hotmail dot com http://www.uggshelf.com/Products.html";>ugg Boots The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/35368 -- Edit this bug report at http://bugs.php.net/?id=35368&edit=1
#49825 [Fbk->Opn]: PHP_SELF duplicate path
ID: 49825 User updated by: michaels at sc dot edu Reported By: michaels at sc dot edu -Status: Feedback +Status: Open Bug Type: IIS related Operating System: Windows Server 2000 PHP Version: 5.3.0 New Comment: No, the full path does not contain non-ASCII chars, as in bug report 49840. Previous Comments: [2009-10-12 11:09:54] sjo...@php.net See also Bug #49840 PHP_SELF returns incorrect value. Does the full path of index.php contains non-ASCII characters? [2009-10-09 21:02:31] michaels at sc dot edu Description: This issue is the same as reported in Bug #45637 but is happening with IIS5 running on Server 2000. The variable: _SERVER["PHP_SELF"] /forums/adm/index.php/forums/adm/index.php should be _SERVER["PHP_SELF"] /forums/adm/index.php This is causing phpBB version 3 to operate incorrectly, by providing an incorrect connection string. Reproduce code: --- These are vars from the info page - please note _SERVER["PHP_SELF"]: _SERVER["SERVER_PORT"] 80 _SERVER["SERVER_PORT_SECURE"] 0 _SERVER["SERVER_PROTOCOL"] HTTP/1.1 _SERVER["SERVER_SOFTWARE"] Microsoft-IIS/5.0 _SERVER["SystemDrive"] C: _SERVER["SystemRoot"] C:\WINNT _SERVER["TEMP"] C:\WINNT\TEMP _SERVER["TMP"] C:\WINNT\TEMP _SERVER["USERPROFILE"] C:\Documents and Settings\WWW\ASPNET _SERVER["windir"] C:\WINNT _SERVER["SCRIPT_FILENAME"] D:\Inetpub\phpBB3\adm\index.php _SERVER["PHP_SELF"] /forums/adm/index.php/forums/adm/index.php _SERVER["REQUEST_TIME"] 1255105911 Expected result: _SERVER["PHP_SELF"] /forums/adm/index.php Actual result: -- _SERVER["PHP_SELF"] /forums/adm/index.php/forums/adm/index.php -- Edit this bug report at http://bugs.php.net/?id=49825&edit=1
#49866 [NEW]: Making reference on string offsets crashes PHP
From: doctorrock83 at gmail dot com Operating system: Linux PHP version: 5.3.0 PHP Bug Type: Scripting Engine problem Bug description: Making reference on string offsets crashes PHP Description: When making a reference on a string offset and changing it, PHP5.3 crashes with segfault, but PHP 5.2, 5.1 and 5.0 throws errors. I know that it's a bad PHP programming than thinking PHP is C, the fact is that this behavior gives PHP errors in 5.2/5.1/5.0 branches, but segfaults 5.3.0 release. Reproduce code: --- http://bugs.php.net/?id=49866&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49866&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49866&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49866&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49866&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49866&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49866&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49866&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49866&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49866&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49866&r=support Expected behavior: http://bugs.php.net/fix.php?id=49866&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49866&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49866&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49866&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49866&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49866&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49866&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49866&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49866&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49866&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49866&r=mysqlcfg
#49867 [NEW]: spl_autoload crashes when called in write function of custom sessionSaveHandler
From: nicolas dot lepage at yahoo dot fr Operating system: Windows, Unix PHP version: 5.3.0 PHP Bug Type: SPL related Bug description: spl_autoload crashes when called in write function of custom sessionSaveHandler Description: When trying to instantiate a class that is not defined within the write function that has been registered as a custom session save handler, the following problems occur : _ functions that have been registered by spl_autoload_register are not called _ a fatal error is generated by spl_autoload() In the reproduce code, the normal behavior would be to generate a fatal error 'class not found'. This problem occurs only in the write function and not in the others. Additionnaly, when I replace the instantiation code by a call to spl_autoload_functions(), the apache server crashes. It could be related to bug #37111. Reproduce code: --- Expected result: Fatal error: Class 'NotLoadedClass' not found in F:\xampp\htdocs\test\test.php on line 18 Actual result: -- Fatal error: spl_autoload() [function.spl-autoload]: Class NotLoadedClass could not be loaded in F:\xampp\htdocs\test\test.php on line 18 -- Edit bug report at http://bugs.php.net/?id=49867&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49867&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49867&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49867&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49867&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49867&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49867&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49867&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49867&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49867&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49867&r=support Expected behavior: http://bugs.php.net/fix.php?id=49867&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49867&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49867&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49867&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49867&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49867&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49867&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49867&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49867&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49867&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49867&r=mysqlcfg
#49866 [Opn->Asn]: Making reference on string offsets crashes PHP
ID: 49866 Updated by: fel...@php.net Reported By: doctorrock83 at gmail dot com -Status: Open +Status: Assigned Bug Type: Scripting Engine problem Operating System: Linux PHP Version: 5.3.0 -Assigned To: +Assigned To: dmitry New Comment: Dmitry, this is related to rev.251187 and rev.244680 (fix for #35163) Previous Comments: [2009-10-13 16:08:41] doctorrock83 at gmail dot com Description: When making a reference on a string offset and changing it, PHP5.3 crashes with segfault, but PHP 5.2, 5.1 and 5.0 throws errors. I know that it's a bad PHP programming than thinking PHP is C, the fact is that this behavior gives PHP errors in 5.2/5.1/5.0 branches, but segfaults 5.3.0 release. Reproduce code: --- http://bugs.php.net/?id=49866&edit=1
#49868 [NEW]: max_execution_time affected by max_input_time
From: majkl578 at gmail dot com Operating system: Linux Debian PHP version: 5.3SVN-2009-10-13 (snap) PHP Bug Type: Scripting Engine problem Bug description: max_execution_time affected by max_input_time Description: PHP ignores the max_execution_time set in php.ini and sets (somehow internally) it to the value of max_input_time. ini_get returns correct values of both of these settings, but the script is halted after the time set as max_input_time. This bug affects PHP5.3RC1 and also the latest snapshot of PHP5.3. It is probably similar to an old bug #37306. Related php.ini values: max_execution_time = 5 max_input_time = 10 Configure command: ./configure --prefix=/usr --sysconfdir=/etc --cache-file=./config.cache --with-config-file-path=/etc/php --with-config-file-scan-dir=/etc/php/extensions --with-apxs2=/usr/bin/apxs2 --with-mysql --with-mysqli --with-curl --with-sqlite --enable-sqlite-utf8 --with-gd --enable-mbstring --with-openssl --disable-short-tags --with-mcrypt --with-bz2 --with-zlib --enable-zip --with-xmlrpc --enable-soap --without-mssql --with-pgsql --with-tidy --enable-debug --disable-posix --enable-exif --enable-ftp --with-gettext --with-mhash --enable-pcntl --with-pspell --enable-sockets --with-xsl --enable-cli --enable-calendar --disable-cgi --enable-zend-multibyte Reproduce code: --- http://bugs.php.net/?id=49868&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49868&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49868&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49868&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49868&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49868&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49868&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49868&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49868&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49868&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49868&r=support Expected behavior: http://bugs.php.net/fix.php?id=49868&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49868&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49868&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49868&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49868&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49868&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49868&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49868&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49868&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49868&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49868&r=mysqlcfg
#49868 [Opn]: max_execution_time affected by max_input_time
ID: 49868 Updated by: sjo...@php.net Reported By: majkl578 at gmail dot com Status: Open Bug Type: Scripting Engine problem Operating System: Linux Debian PHP Version: 5.3SVN-2009-10-13 (snap) New Comment: See also bug #37306 max_execution_time = max_input_time Previous Comments: [2009-10-13 17:41:55] majkl578 at gmail dot com Description: PHP ignores the max_execution_time set in php.ini and sets (somehow internally) it to the value of max_input_time. ini_get returns correct values of both of these settings, but the script is halted after the time set as max_input_time. This bug affects PHP5.3RC1 and also the latest snapshot of PHP5.3. It is probably similar to an old bug #37306. Related php.ini values: max_execution_time = 5 max_input_time = 10 Configure command: ./configure --prefix=/usr --sysconfdir=/etc --cache-file=./config.cache --with-config-file-path=/etc/php --with-config-file-scan-dir=/etc/php/extensions --with-apxs2=/usr/bin/apxs2 --with-mysql --with-mysqli --with-curl --with-sqlite --enable-sqlite-utf8 --with-gd --enable-mbstring --with-openssl --disable-short-tags --with-mcrypt --with-bz2 --with-zlib --enable-zip --with-xmlrpc --enable-soap --without-mssql --with-pgsql --with-tidy --enable-debug --disable-posix --enable-exif --enable-ftp --with-gettext --with-mhash --enable-pcntl --with-pspell --enable-sockets --with-xsl --enable-cli --enable-calendar --disable-cgi --enable-zend-multibyte Reproduce code: --- http://bugs.php.net/?id=49868&edit=1
#49853 [Com]: Soap Client stream context option is ignored
ID: 49853
Comment by: rumana024 at yahoo dot com
Reported By: rumana024 at yahoo dot com
Status: Open
Bug Type: SOAP related
Operating System: Windows XP
PHP Version: 5.2SVN-2009-10-12 (SVN)
New Comment:
$headers = array('X-USERID: user_1253314668.com\r\n',
'Content-type: application/x-www-form-urlencoded\r\n',
'X-PASSWORD: 1253314679\r\n',
'X-SIGNATURE:
AtQaNHC.hbpghF5uGCRO99PVYV7ki3.SAb3vQzBlBAxEyi0b\r\n',
'X-VERSION: 1.2.0\r\n',
'X-PROTOCOL: SOAP11\r\n',
'X-SOURCE: PHP_SOAP_SAMPLE_V1\r\n');
$context = stream_context_create(array('http' => array('header' =>
$headers)));
$soapClient = new SoapClient(null,array('location' =>
"https://svcs.sandbox.com/Method1/";,
'uri' =>
"http://x.x.com/types/test";,
'soap_version' =>
SOAP_1_1,'trace' => 1, 'stream_context' => $context));
//Constructing the Payload
$param = "the payload"
$result = $soapClient->Method1($params);
I have changed the wrapper from https to http. Also made the header an
array. Still the same error. I do not see the http header with other
http headers when print the $soapClient->_getLastRequestHeaders().
Please advice how to resolve the issue.
Previous Comments:
[2009-10-13 10:48:05] sjo...@php.net
Thank you for your bug report.
Please try 'http' as wrapper name instead of 'https'.
[2009-10-12 23:18:28] rumana024 at yahoo dot com
Description:
Hi:
I am using PHP Soap PHP-SOAP/5.2.9-2 to connect to a web service. Part
of the reqiurment is that , few http headers need to be as part of the
request, but not part of the soap envelope. I am using the stream
context option and add the http headers with that option. Unfortunately,
the stream context is not being read at all.
Reproduce code:
---
Here is my code
$opts = array(
'https'=>array(
'method'=>"GET",
'header'=>'X-SECURITY-USERID: seller_1253314668_biz_api1.x.com\r\n'
.
'X-SECURITY-PASSWORD: 1253314679\r\n' .
'X-SECURITY-SIGNATURE:
AtQaNHC.hbpghF5uGCRO99PVY6a2ASO58V7ki3.SAb3vQzBlBAxEyi0b\r\n' .
'X-SERVICE-VERSION: 1.2.0\r\n' .
'X-MESSAGE-PROTOCOL: SOAP11\r\n' .
'X-REQUEST-SOURCE: PLATFORM_JAVA_SOAP_SAMPLE_V1\r\n' .
'X-APPLICATION-ID: APP-80W284485P519543T\r\n'));
$context = stream_context_create($opts);
$soapClient = new SoapClient(null,array('location' =>
"https://svcs.sandbox.x.com/AP/Method1/";,
'uri' =>
"http://svcs.x.com/types/ap";,
'soap_version' => SOAP_1_1,
'trace' => 1, 'stream_context' => $context));
Expected result:
Security Credential are going as HTTP Headers and the Http headers are
contained in the context parameter. I get the result Invalid User name
and Password. So the context is not going through at all.
I know for sure the credentials are valid.
I know other option parameter like 'location', 'uri' are working.Please
advice how to fix this problem.
--
Edit this bug report at http://bugs.php.net/?id=49853&edit=1
#49827 [Fbk->Opn]: shell_exec using ls /home fails with Permission denied
ID: 49827 User updated by: bill dot mcclendon at digiconllc dot com Reported By: bill dot mcclendon at digiconllc dot com -Status: Feedback +Status: Open Bug Type: Unknown/Other Function Operating System: Linux RH PHP Version: 5.2.11 New Comment: PHP bug reporting/support. 1) No ACL's (you think I didn't check this already?) 2) You mean grave accent? Yes - same error (I checked that already too). It's not running in a VM either. Bill Previous Comments: [2009-10-10 12:02:17] sjo...@php.net Thank you for your bug report. Does your installation have other access control than UNIX permissions, such as ACL? Can you succesfully execute 'ls /home' from the command line, or using backticks in PHP? [2009-10-09 22:49:50] bill dot mcclendon at digiconllc dot com Corrected email address (your form seems to have a problem) [2009-10-09 22:48:30] bill dot mcclendon at digiconllc dot com Description: Running Apache 2.x and PHP 5.2 safe_mode = off test case - using "" produces the error "ls: /home Permission denied" using "" succeeds (check the Apache error_log for errors) However, both "/home" and "/usr" have the EXACT same permission and ownership. and Apache is running with "User owner" where "owner" is the owner of the contents of "/home". Listing of both paths: 8 drwxr-xr-x 15 root root4096 Jun 24 2005 usr 8 drwxr-xr-x5 root root4096 Jan 8 2007 home Shell is "/bin/bash" and it looks like: 764 -rwxr-xr-x 1 root root 772760 Dec 6 2004 /bin/bash Any ideas? Reproduce code: --- Test cases: FAIL: ".shell_exec($cmd).""; ?> SUCCESS: ".shell_exec($cmd).""; ?> Expected result: Listing of files: SUCCESS result: bin etc games include kerberos lib lib64 libexec local sbin share src tmp X11R6 Actual result: -- For FAIL above (no results). -- Edit this bug report at http://bugs.php.net/?id=49827&edit=1
#49869 [NEW]: imagettfbbox returns bogus value
From: orel at melix dot net Operating system: Linux PHP version: 5.2.11 PHP Bug Type: GD related Bug description: imagettfbbox returns bogus value Description: imagettfbbox returns bogus values: Array ( [0] => 0 [1] => 3 [2] => -2147483648 [3] => 3 [4] => -2147483648 [5] => -14 [6] => 0 [7] => -14 ) 5.2.0-8+etch13 is ok 5.2.11-1 is ko Reproduce code: --- print_r(imagettfbbox(12, 0,"/home/somewhere/verdanab.ttf", "Recipient responses")); Expected result: Array ( [0] => 0 [1] => 3 [2] => 181 [3] => 3 [4] => 181 [5] => -14 [6] => 0 [7] => -14 ) Actual result: -- Array ( [0] => 0 [1] => 3 [2] => -2147483648 [3] => 3 [4] => -2147483648 [5] => -14 [6] => 0 [7] => -14 ) -- Edit bug report at http://bugs.php.net/?id=49869&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49869&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49869&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49869&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49869&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49869&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49869&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49869&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49869&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49869&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49869&r=support Expected behavior: http://bugs.php.net/fix.php?id=49869&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49869&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49869&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49869&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49869&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49869&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49869&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49869&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49869&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49869&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49869&r=mysqlcfg
#49869 [Opn->Asn]: imagettfbbox returns bogus value
ID: 49869 Updated by: paj...@php.net Reported By: orel at melix dot net -Status: Open +Status: Assigned Bug Type: GD related Operating System: Linux PHP Version: 5.2.11 -Assigned To: +Assigned To: tabe New Comment: Hm that one is new, time to look at it Tabe? Previous Comments: [2009-10-13 18:41:08] orel at melix dot net Description: imagettfbbox returns bogus values: Array ( [0] => 0 [1] => 3 [2] => -2147483648 [3] => 3 [4] => -2147483648 [5] => -14 [6] => 0 [7] => -14 ) 5.2.0-8+etch13 is ok 5.2.11-1 is ko Reproduce code: --- print_r(imagettfbbox(12, 0,"/home/somewhere/verdanab.ttf", "Recipient responses")); Expected result: Array ( [0] => 0 [1] => 3 [2] => 181 [3] => 3 [4] => 181 [5] => -14 [6] => 0 [7] => -14 ) Actual result: -- Array ( [0] => 0 [1] => 3 [2] => -2147483648 [3] => 3 [4] => -2147483648 [5] => -14 [6] => 0 [7] => -14 ) -- Edit this bug report at http://bugs.php.net/?id=49869&edit=1
#47409 [Com]: extract() problem with array containing word "this"
ID: 47409
Comment by: chrisstocktonaz at gmail dot com
Reported By: niximor at gmail dot com
Status: Open
Bug Type: Scripting Engine problem
Operating System: Windows Vista
PHP Version: 5.2.9
New Comment:
I think your second proposal on expected behavior would be more
correct, rewriting $this doesn't seem right :p Below is a simple
patch:
Index: ext/standard/array.c
===
--- ext/standard/array.c(revision 289616)
+++ ext/standard/array.c(working copy)
@@ -1364,6 +1364,10 @@
if (var_exists && var_name_len ==
sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
break;
}
+/* THIS protection */
+ if (var_exists && var_name_len ==
(sizeof("this")-1) && !strcmp(var_name, "this") && EG(scope) && "" !=
EG(scope)->name) {
+ break;
+ }
ZVAL_STRINGL(&final_name, var_name,
var_name_len, 1);
break;
Previous Comments:
[2009-02-21 20:23:34] niximor at gmail dot com
With latest version downloaded just now (5.2.9RC4-dev) same result as
with RC2 (Test1::name = test2).
[2009-02-16 18:48:50] niximor at gmail dot com
Description:
When I use extract() with array, that contains key "this", it behaves
really weird. See code for more info.
Reproduce code:
---
class Test1 {
var $name = "test1";
}
class Test2 {
var $name = "test2";
function bug() {
extract(array("this"=>new Test1()), EXTR_OVERWRITE | EXTR_REFS);
echo get_class($this)."::name = ".$this->name;
}
}
$t = new Test2();
$t->bug();
Expected result:
Test1::name = test1 (preferably)
OR
Test2::name = test2
- not combination of both.
Actual result:
--
Test1::name = test2
--
Edit this bug report at http://bugs.php.net/?id=47409&edit=1
#47627 [Bgs->Ver]: "No input file specified" causing crash
ID: 47627 Updated by: s...@php.net Reported By: danielc at analysisandsolutions dot com -Status: Bogus +Status: Verified Bug Type: CGI related Operating System: win32 only - WinXP Pro SP3 PHP Version: 5.3CVS-2009-03-11 (snap) Assigned To: garretts New Comment: I can reproduce it. IIS gives empty path_translated (NULL) when file not found which crashes here: UpdateIniFromRegistry(primary_file->filename TSRMLS_CC); in php_execute_script since primary_file->filename is NULL. Previous Comments: [2009-08-18 15:53:23] garre...@php.net I'm unable to reproduce this with Apache 2.2.13, mod_fcgid and php5.3.1-dev. I'd recommend a couple of things: - Since Apache 1.3 isn't really supported at all these days, moving up to 2.2 would be a good idea. - Regardless, Apache should be configured to not pass thru requests to fcgi handlers for files that don't exist. [2009-03-11 19:37:28] danielc at analysisandsolutions dot com Description: In PHP 5.3, pointing my browser to a .php file that does not exist causes php-cgi to crash and Apache to return a 500 error. In PHP 5.2.6, doing so returns output saying "No input file specified." During the crash, Windows displays the "Please tell Microsoft about this problem" dialog box. The title is "CGI / FastCGI". The "To see what data this error report contains" sub dialog box says: Error signature szAppName : php-cgi.exe szAppVer : 5.3.0.0 szModName : php5ts.dll szModVer : 5.3.0.0 offset : 000cea5d The "To view technical information about the error report" sub sub dialog box contains: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\php-cgi.exe.mdmp C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\appcompat.txt My Apache 1.3 error log message shows: [Wed Mar 11 14:59:02 2009] [error] [client 127.0.0.1] Premature end of script headers: c:/program files/php/php-cgi.exe My PHP version is: PHP 5.3.0beta2-dev (cgi-fcgi) (built: Mar 11 2009 17:04:23) -- Edit this bug report at http://bugs.php.net/?id=47627&edit=1
#47627 [Ver->Ctl]: "No input file specified" causing crash
ID: 47627 Updated by: s...@php.net Reported By: danielc at analysisandsolutions dot com -Status: Verified +Status: Critical Bug Type: CGI related Operating System: win32 only - WinXP Pro SP3 PHP Version: 5.3CVS-2009-03-11 (snap) Assigned To: garretts Previous Comments: [2009-10-13 19:45:11] s...@php.net I can reproduce it. IIS gives empty path_translated (NULL) when file not found which crashes here: UpdateIniFromRegistry(primary_file->filename TSRMLS_CC); in php_execute_script since primary_file->filename is NULL. [2009-08-18 15:53:23] garre...@php.net I'm unable to reproduce this with Apache 2.2.13, mod_fcgid and php5.3.1-dev. I'd recommend a couple of things: - Since Apache 1.3 isn't really supported at all these days, moving up to 2.2 would be a good idea. - Regardless, Apache should be configured to not pass thru requests to fcgi handlers for files that don't exist. [2009-03-11 19:37:28] danielc at analysisandsolutions dot com Description: In PHP 5.3, pointing my browser to a .php file that does not exist causes php-cgi to crash and Apache to return a 500 error. In PHP 5.2.6, doing so returns output saying "No input file specified." During the crash, Windows displays the "Please tell Microsoft about this problem" dialog box. The title is "CGI / FastCGI". The "To see what data this error report contains" sub dialog box says: Error signature szAppName : php-cgi.exe szAppVer : 5.3.0.0 szModName : php5ts.dll szModVer : 5.3.0.0 offset : 000cea5d The "To view technical information about the error report" sub sub dialog box contains: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\php-cgi.exe.mdmp C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\appcompat.txt My Apache 1.3 error log message shows: [Wed Mar 11 14:59:02 2009] [error] [client 127.0.0.1] Premature end of script headers: c:/program files/php/php-cgi.exe My PHP version is: PHP 5.3.0beta2-dev (cgi-fcgi) (built: Mar 11 2009 17:04:23) -- Edit this bug report at http://bugs.php.net/?id=47627&edit=1
#47627 [Ctl->Bgs]: "No input file specified" causing crash
ID: 47627 Updated by: paj...@php.net Reported By: danielc at analysisandsolutions dot com -Status: Critical +Status: Bogus Bug Type: CGI related Operating System: win32 only - WinXP Pro SP3 PHP Version: 5.3CVS-2009-03-11 (snap) Assigned To: garretts New Comment: That's correct and has been analyzed in #49767, will be fixed there. Please note that the condition is not only that the file does not exist but also to use when the per directory registry setting is used. Set this one as bogus as the one will be used to track this bug. Thanks for having reproduced it Stas :) Previous Comments: [2009-10-13 19:45:11] s...@php.net I can reproduce it. IIS gives empty path_translated (NULL) when file not found which crashes here: UpdateIniFromRegistry(primary_file->filename TSRMLS_CC); in php_execute_script since primary_file->filename is NULL. [2009-08-18 15:53:23] garre...@php.net I'm unable to reproduce this with Apache 2.2.13, mod_fcgid and php5.3.1-dev. I'd recommend a couple of things: - Since Apache 1.3 isn't really supported at all these days, moving up to 2.2 would be a good idea. - Regardless, Apache should be configured to not pass thru requests to fcgi handlers for files that don't exist. [2009-03-11 19:37:28] danielc at analysisandsolutions dot com Description: In PHP 5.3, pointing my browser to a .php file that does not exist causes php-cgi to crash and Apache to return a 500 error. In PHP 5.2.6, doing so returns output saying "No input file specified." During the crash, Windows displays the "Please tell Microsoft about this problem" dialog box. The title is "CGI / FastCGI". The "To see what data this error report contains" sub dialog box says: Error signature szAppName : php-cgi.exe szAppVer : 5.3.0.0 szModName : php5ts.dll szModVer : 5.3.0.0 offset : 000cea5d The "To view technical information about the error report" sub sub dialog box contains: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\php-cgi.exe.mdmp C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WERc9f6.dir00\appcompat.txt My Apache 1.3 error log message shows: [Wed Mar 11 14:59:02 2009] [error] [client 127.0.0.1] Premature end of script headers: c:/program files/php/php-cgi.exe My PHP version is: PHP 5.3.0beta2-dev (cgi-fcgi) (built: Mar 11 2009 17:04:23) -- Edit this bug report at http://bugs.php.net/?id=47627&edit=1
#45945 [Com]: Apache byterange output filter nullified if mod_php5 output > 8000 bytes
ID: 45945 Comment by: dylan at io dot com Reported By: djimenez at conduit-it dot com Status: Open Bug Type: Apache2 related Operating System: Ubuntu PHP Version: 5.*, 6CVS (2009-07-15) New Comment: I have found that using sing X-Sendfile will solve this issue: http://tn123.ath.cx/mod_xsendfile/ (at least for Apache/mod_php). Also even if this "bug" was fixed, I'm not sure the results would be very desirable. Since there's no way to efficiently "fseek" to a particular byte in the script output, I assume mod_php would have to transfer the entire document internally for each chunk that was requested. Previous Comments: [2009-09-16 14:15:21] djimenez at conduit-it dot com Using the handler module: LoadModule php5_module /usr/lib/apache2/modules/libphp5.so AddType application/x-httpd-php .php .phtml .php3 .html .inc .func .clss AddType application/x-httpd-php-source .phps [2009-09-16 12:35:33] j...@php.net Are you using the filter or handler module? What exactly do you put in your httpd.conf to enable PHP? [2009-07-15 19:01:34] djimenez at conduit-it dot com I tested against nightly snapshot php5.3-200907151630 and still obtain the same results. The bug is probably in the php5 apache2 module. [2008-08-31 02:22:29] djimenez at conduit-it dot com I used amazon ec2 to test and reconfirm this bug on a base install of apache2 and php5.2.6 in ubuntu intrepid ibex. No changes to the php.ini (which I've included without comments and empty sections): [PHP] engine = On zend.ze1_compatibility_mode = Off short_open_tag = On asp_tags = Off precision= 12 y2k_compliance = On output_buffering = Off zlib.output_compression = Off implicit_flush = Off unserialize_callback_func= serialize_precision = 100 allow_call_time_pass_reference = On safe_mode = Off safe_mode_gid = Off safe_mode_include_dir = safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH disable_functions = disable_classes = expose_php = On max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60 ; Maximum amount of time each script may spend parsing request data memory_limit = 16M ; Maximum amount of memory a script may consume (16MB) error_reporting = E_ALL & ~E_NOTICE display_errors = On display_startup_errors = Off log_errors = Off log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On track_errors = Off variables_order = "EGPCS" register_globals = Off register_long_arrays = On register_argc_argv = On auto_globals_jit = On post_max_size = 8M magic_quotes_gpc = On magic_quotes_runtime = Off magic_quotes_sybase = Off auto_prepend_file = auto_append_file = default_mimetype = "text/html" doc_root = user_dir = enable_dl = Off file_uploads = On upload_max_filesize = 2M allow_url_fopen = On allow_url_include = Off default_socket_timeout = 60 [Syslog] define_syslog_variables = Off [mail function] SMTP = localhost smtp_port = 25 [SQL] sql.safe_mode = Off [ODBC] odbc.allow_persistent = On odbc.check_persistent = On odbc.max_persistent = -1 odbc.max_links = -1 odbc.defaultlrl = 4096 odbc.defaultbinmode = 1 [MySQL] mysql.allow_persistent = On mysql.max_persistent = -1 mysql.max_links = -1 mysql.default_port = mysql.default_socket = mysql.default_host = mysql.default_user = mysql.default_password = mysql.connect_timeout = 60 mysql.trace_mode = Off [MySQLi] mysqli.max_links = -1 mysqli.default_port = 3306 mysqli.default_socket = mysqli.default_host = mysqli.default_user = mysqli.default_pw = mysqli.reconnect = Off [mSQL] msql.allow_persistent = On msql.max_persistent = -1 msql.max_links = -1 [PostgresSQL] pgsql.allow_persistent = On pgsql.auto_reset_persistent = Off pgsql.max_persistent = -1 pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [Sybase] sybase.allow_persistent = On sybase.max_persistent = -1 sybase.max_links = -1 sybase.min_error_severity = 10 sybase.min_message_severity = 10 sybase.compatability_mode = Off [Sybase-CT] sybct.allow_persistent = On sybct.max_persistent = -1 sybct.max_links = -1 sybct.min_server_severity = 10 sybct.min_client_severity = 10 [bcmath] bcmath.scale = 0 [Informix] ifx.default_host = ifx.default_user = ifx.default_password = ifx.allow_persistent = On ifx.max_persistent = -1 ifx.max_links = -1 ifx.textasvarchar = 0 ifx.byteasvarchar = 0 ifx.charasvarchar = 0 ifx.blobinfile = 0 ifx.nullformat = 0 [Session] session.save_handler = files session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.c
#49767 [Asn]: estrdup crash
ID: 49767
Updated by: dani...@php.net
Reported By: mb at smartftp dot com
Status: Assigned
Bug Type: Reproducible crash
Operating System: win32 only -Windows 2008 SP2 x86
PHP Version: 5.3.0
Assigned To: pajoye
New Comment:
Bug #47627 marked duplicate of this.
Previous Comments:
[2009-10-04 19:35:54] mb at smartftp dot com
I have also sent you the crash report by email. Open the .mht file (RS
removed the .mth extension for some reason) with IE.
[2009-10-04 19:25:46] paj...@php.net
I corrected myself about the script by asking for the full bt (the one
on RS was not readable).
The diagnostic sounds good, I have to reproduce it to be sure. Assigned
to me.
[2009-10-04 17:28:20] mb at smartftp dot com
I don't think you need a script. A little bit of time and motivation
would do as well:
Please review your code:
File: main.c
PHPAPI int php_execute_script(zend_file_handle *primary_file
TSRMLS_DC)
{
...
#ifdef PHP_WIN32
UpdateIniFromRegistry(primary_file->filename TSRMLS_CC);
#endif
..
}
Then:
File: registry.c
void UpdateIniFromRegistry(char *path TSRMLS_DC)
{
-> BUG: missing check for argument
// here comes the check for Per Directory registry value. If it is not
found the function exists and never comes to the estrdup and hence no
crash.
...
orig_path = path = estrdup(path);
..
}
The problem only happens if the "Per Directory Values" registry key is
present. In this case estrdup(NULL) is called and you get the crash.
So I think the argument (path) should be checked for NULL. And when I
look at the main.c I also noticed that you sometimes expect the
primary_file->filename to be null, so maybe you add a check before the
UpdateIniFromRegistry() call.
Proposed FIX:
#ifdef PHP_WIN32
if(primary_file->filename)
{
UpdateIniFromRegistry(primary_file->filename TSRMLS_CC);
}
#endif
+ Add argument check for UpdateIniFromRegistry
Workaround:
Remove "Per Directories Values" registry key.
Regards,
Mat
[2009-10-04 17:23:34] paj...@php.net
Btw, can you also zip the report and send it to me or provide a link to
the zip (pls not one of these radidshare thing) :)
[2009-10-04 17:21:26] paj...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/49767
--
Edit this bug report at http://bugs.php.net/?id=49767&edit=1
#48597 [Com]: Unclosed array keys break space escaping in $_GET/POST/REQUEST
ID: 48597
Comment by: chrisstocktonaz at gmail dot com
Reported By: crmalibu at gmail dot com
Status: Open
Bug Type: *General Issues
Operating System: *
PHP Version: 5.*, 6CVS (2009-07-01)
New Comment:
Here is a fix.
Index: main/php_variables.c
===
--- main/php_variables.c(revision 289602)
+++ main/php_variables.c(working copy)
@@ -61,6 +61,7 @@
{
char *p = NULL;
char *ip; /* index pointer */
+ char *pmarker; /* marker to index before */
char *index, *escaped_index = NULL;
char *var, *var_orig;
int var_len, index_len;
@@ -100,12 +101,19 @@
if (*p == ' ' || *p == '.') {
*p='_';
} else if (*p == '[') {
- is_array = 1;
- ip = p;
- *p = 0;
- break;
+ for(pmarker = p; *pmarker; pmarker++) {
+ if(*pmarker == ']') {
+ is_array = 1;
+ ip = p;
+ *p = 0;
+ goto var_continue;
+ }
+}
+ *p='_';
}
}
+
+ var_continue:
var_len = p - var;
if (var_len==0) { /* empty variable name, or variable name with a
space in it */
Previous Comments:
[2009-09-27 02:52:19] j...@php.net
See also bug #49683
[2009-07-04 22:22:55] j...@php.net
See also bug #48794
[2009-06-18 16:17:41] crmalibu at gmail dot com
Description:
I marked the version as 5.2.9 but it looks like the relevant code is
the same for 5.3 and php 6 as well.
I don't know c, so I struggle to read the source code, but I think I
found something unexpected. In main/php_variables.c in
php_register_variable_ex I think the parsing behaves inconsistent.
After reading the comments in the source code, I would think a gpc
variable name should not make it through which has ' ' or '.' or '['
character in the name. But I've found a way to do it. It seems the
routine for recognizing and parsing the array syntax is at fault.
In particular, characters after the first occurrence of a '[' char will
be left alone because it thinks it needs to parse it as the special
array syntax. But while it does later recognize that it's not proper
array syntax, it doesn't properly convert the remaining character to
underscore.
I don't know if this is a bug, or if it's serious or what. But the
source code comment about removing those chars due to not being binary
safe made me think someone needs to look at this.
Reproduce code:
---
Expected result:
Array
(
[goodvar___] =>
[goodarray] => Array
(
[foo] =>
)
[badvar_] =>
)
Actual result:
--
Array
(
[goodvar___] =>
[goodarray] => Array
(
[foo] =>
)
[badvar_ . [] =>
)
--
Edit this bug report at http://bugs.php.net/?id=48597&edit=1
#49847 [Ana->Csd]: exec() confused by a specially crafted string
ID: 49847
Updated by: il...@php.net
Reported By: soner at comixwall dot org
-Status: Analyzed
+Status: Closed
Bug Type: Program Execution
Operating System: OpenBSD, Linux, Windows
PHP Version: 5.2.11
New Comment:
This bug has been fixed in SVN.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
Thank you for the report, and for helping us make PHP better.
Previous Comments:
[2009-10-14 01:32:08] s...@php.net
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&revision=289624
Log: Fixed bug #49847 (exec() fails to return data inside 2nd
parameter, given output lines >4095 bytes).
[2009-10-12 20:20:56] sjo...@php.net
Filed Bug #49851 "HTTP breaks on long header line", which has the same
cause.
[2009-10-12 19:28:18] sjo...@php.net
>From exec.c:125:
while (php_stream_get_line(stream, ... b, EXEC_INPUT_BUF, &bufl)) {
/* no new line found, let's read some more */
if (b[bufl - 1] != '\n' && !php_stream_eof(stream)) {
...
continue;
...
add_next_index_stringl(array, buf, bufl, 1);
php_stream_get_line reads all the data. No newline is found, because
there is none. The reading has not yet triggered php_stream_eof, because
reading has stopped just before the bytes ran out. Loop starts again.
php_stream_get_line now reads no bytes at all, because no bytes are
left. Loop quits without adding the string to the array.
[2009-10-12 19:01:54] sjo...@php.net
The trick is that the string which is output is 4095 bytes long.
exec("printf %4095d 1", $output);
print_r($output);
[2009-10-12 16:57:11] soner at comixwall dot org
Description:
When shell command returns a specially crafted string, I get an empty
array as $output of exec(), instead of the string. I can very easily
reproduce this issue, please see below for test code.
Reproduce code:
---
Put the following lines in bug.php:
Then put the contents at the following link in echostr.php:
http://comixwall.org/dmdocuments/echostr
Expected result:
When you execute bug.php, you will get an empty array printed out:
Array
(
)
Actual result:
--
Actually, $output should have contained the string above as element 0
of the array.
If you delete or add a character in the string, exec() runs correctly
and you get the intended result. So the issue is specific to this
special string.
The problem is not with the size of the string, because much longer
strings are fine.
Also this issue does *not* exists with passthru(), shell_exec()
functions and backtick operator. Furthermore, exec() return value, i.e.
the last line of shell command output seems fine too (it contains the
string correctly). So I believe the issue is internal to exec(),
effecting $output contents only.
As you can guess, this string is in fact serialized openvpn startup log
lines (I just escaped the single quotes for testing purposes, that's
all), it is not some manually crafted string. Therefore, it is possible
that I may get more than one similar situation in the future.
I have confirmed this issue on OpenBSD, Linux, and Windows. Here are
the versions:
OpenBSD:
PHP 5.2.8 with Suhosin-Patch 0.9.6.3 (cli) (built: Mar 1 2009
10:26:06)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH
Linux:
PHP 5.2.6-3ubuntu4.2 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 21
2009 21:43:13)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
Windows:
PHP 5.2.11 (cli) (built: Sep 16 2009 19:39:46)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
Since Windows version is without Suhosin patch, suhosin as culprit is
ruled out. (Also to test on Windows, I changed the exec shell command as
'php.exe echostr.php' of course.)
--
Edit this bug report at http://bugs.php.net/?id=49847&edit=1
#48597 [Com]: Unclosed array keys break space escaping in $_GET/POST/REQUEST
ID: 48597 Comment by: chrisstocktonaz at gmail dot com Reported By: crmalibu at gmail dot com Status: Open Bug Type: *General Issues Operating System: * PHP Version: 5.*, 6CVS (2009-07-01) New Comment: Sorry for extra noise.. it seems my patch mixed the case of something like: Expected result: Array ( [goodvar___] => [goodarray] => Array ( [foo] => ) [badvar_] => ) Actual result: -- Array ( [goodvar___] => [goodarray] => Array ( [foo] => ) [badvar_ . [] => ) -- Edit this bug report at http://bugs.php.net/?id=48597&edit=1
#49840 [Fbk->Opn]: PHP_SELF returns incorrect value
ID: 49840 User updated by: lxd717 at gmail dot com Reported By: lxd717 at gmail dot com -Status: Feedback +Status: Open Bug Type: PHP options/info functions -Operating System: WINXP +Operating System: Apache/2.2.13 (Win32) PHP Version: 5.2.11 New Comment: version of web server: Apache/2.2.13 (Win32) useing IIS: not tested! Previous Comments: [2009-10-12 20:11:45] srina...@php.net also provide the version of web server are you using ? as bug #49825 mentions, are you seeing this issue with IIS as well ? if yes, then this bug will need to be moved as duplicate of 49825 . [2009-10-12 11:10:19] sjo...@php.net See also Bug #49825 PHP_SELF duplicate path. [2009-10-12 03:48:35] lxd717 at gmail dot com Actual result: -- /confucian/η??Õѧָ׷/test.php/confucian/???1??2?-|???/test. php [2009-10-12 03:47:14] lxd717 at gmail dot com Description: PHP_SELF returns incorrect value. I creat a folder with chinese, the path is '/confucian/西æ¹å²å¦èä½/', and then I check phpinfo(),I found that $_SERVER['PHP_SELF'] returns incorrect value. But folders Created in english found no errors. Reproduce code: --- file: test.php The script test.php was created in a non-english folder,such as '/confucian/西æ¹å²å¦èä½/'. Expected result: /confucian/%e8%a5%bf%e6%96%b9%e5%93%b2%e5%ad%a6%e8%91%97%e4%bd%9c/test.php or /confucian/西æ¹å²å¦èä½/test.php Actual result: -- /confucian/η??Õѧָ׷/index.php/confucian/???1??2?-|???/index.php -- Edit this bug report at http://bugs.php.net/?id=49840&edit=1
#49870 [NEW]: Installing TS PHP removes non-TS installation of PHP
From: sameer at codecurry dot com Operating system: Windows 2008 Server PHP version: 5.3.0 PHP Bug Type: *General Issues Bug description: Installing TS PHP removes non-TS installation of PHP Description: We have been using Apache with PHP. And this new project required developing on IIS+PHP. Issue, is the installing TS version of PHP removes non-TS installation of PHP affecting existing configured servers. I had Apache running with 5.2 and then when setting up IIS7 to run PHP the installer removed the files required by Apache server. Reproduce code: --- Expected result: The installer should not tamper the existing installation. Even when choosing to install the non-TS version of PHP, the installer removed the files installed by the previous TS version installer. I have discussed this here as well: http://forums.iis.net/t/1161449.aspx Currently I have IIS and Apache server both running on my Win 2008 x64 version. Actual result: -- Running thread-safe PHP MSI installer removes non-TS installation of PHP and vice-versa. -- Edit bug report at http://bugs.php.net/?id=49870&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=49870&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=49870&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=49870&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=49870&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=49870&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=49870&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=49870&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=49870&r=needscript Try newer version: http://bugs.php.net/fix.php?id=49870&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=49870&r=support Expected behavior: http://bugs.php.net/fix.php?id=49870&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=49870&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=49870&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=49870&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49870&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=49870&r=dst IIS Stability: http://bugs.php.net/fix.php?id=49870&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=49870&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=49870&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=49870&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=49870&r=mysqlcfg
#49843 [Com]: Application Failure httpd.exe 2.2.14.0 in php5ts.dll 5.2.11.11
ID: 49843 Comment by: morgan at nm dot ru Reported By: lakiluk60 at go2 dot pl Status: Feedback Bug Type: Apache2 related Operating System: Windows XP HE SP3 PHP Version: 5.2.11 New Comment: Description: Application Failure httpd.exe 2.2.14.0 in php5ts.dll 5.2.11.11 At library connection libmysql.dll from a package mysql versions 5.1.39 instead of from package delivery php 5.2.11 - phpinfo (); deduces that costs and version API 5.1.39 is connected but at a conclusion of any script falls apache, bring in release the version client API libraries 5.1. + also explain in what a problem mysql 5.1.39 apache 2.2.14 php 5.2.11 Previous Comments: [2009-10-12 16:12:56] lakiluk60 at go2 dot pl No script/no code is running. This is during start of Apache with PHP module! [2009-10-12 13:25:57] paj...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2009-10-12 13:03:53] lakiluk60 at go2 dot pl Assigned to "Apache2 related" [2009-10-12 13:02:59] lakiluk60 at go2 dot pl Description: Application Failure httpd.exe 2.2.14.0 in php5ts.dll 5.2.11.11 at offset 000f330d Windows XP Home Edition SP3 Apache 2.2.14 PHP 5.2.11 MySQL 5.1.30 Apache+PHP+MySQL installed from MSI/EXE packages. -- Edit this bug report at http://bugs.php.net/?id=49843&edit=1
