[PHP-BUG] Bug #64695 [NEW]: JSON_NUMERIC_CHECK has issues with strings that are numbers plus the letter e
From: keith at openx dot com
Operating system: CentOS/OSX
PHP version: 5.3.24
Package: JSON related
Bug Type: Bug
Bug description:JSON_NUMERIC_CHECK has issues with strings that are numbers
plus the letter e
Description:
So, it looks like that when you call json_encode with the
JSON_NUMERIC_CHECK
option on strings that have all numbers except for one letter 'e' PHP
throws a
warning:
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
It happens only on certain strings that make PHP think the number is very
large.
According to the docs the 'e' should be followed with +/-, but it seems
that
isn't the case.
This causes a problem whenever converting values that are, say, hashed with
SHA1.
Since the valid characters are [0-9][A-F], it's very possible to have a
value
that is: [0-9]e[0-9]
Test script:
---
'123343e871700');
var_dump(json_encode($t, JSON_NUMERIC_CHECK));
Expected result:
string(10) "{"test":"123343e871700"}"
Actual result:
--
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
string(10) "{"test":0}"
--
Edit bug report at https://bugs.php.net/bug.php?id=64695&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=64695&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=64695&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=64695&r=trysnapshottrunk
Fixed in SVN: https://bugs.php.net/fix.php?id=64695&r=fixed
Fixed in release: https://bugs.php.net/fix.php?id=64695&r=alreadyfixed
Need backtrace: https://bugs.php.net/fix.php?id=64695&r=needtrace
Need Reproduce Script: https://bugs.php.net/fix.php?id=64695&r=needscript
Try newer version: https://bugs.php.net/fix.php?id=64695&r=oldversion
Not developer issue:https://bugs.php.net/fix.php?id=64695&r=support
Expected behavior: https://bugs.php.net/fix.php?id=64695&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=64695&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=64695&r=submittedtwice
register_globals: https://bugs.php.net/fix.php?id=64695&r=globals
PHP 4 support discontinued: https://bugs.php.net/fix.php?id=64695&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=64695&r=dst
IIS Stability: https://bugs.php.net/fix.php?id=64695&r=isapi
Install GNU Sed:https://bugs.php.net/fix.php?id=64695&r=gnused
Floating point limitations: https://bugs.php.net/fix.php?id=64695&r=float
No Zend Extensions: https://bugs.php.net/fix.php?id=64695&r=nozend
MySQL Configuration Error: https://bugs.php.net/fix.php?id=64695&r=mysqlcfg
Bug #64695 [Com]: JSON_NUMERIC_CHECK has issues with strings that are numbers plus the letter e
Edit report at https://bugs.php.net/bug.php?id=64695&edit=1
ID: 64695
Comment by: keith at openx dot com
Reported by:keith at openx dot com
Summary:JSON_NUMERIC_CHECK has issues with strings that are
numbers plus the letter e
Status: Open
Type: Bug
Package:JSON related
Operating System: CentOS/OSX
PHP Version:5.3.24
Block user comment: N
Private report: N
New Comment:
So, I noticed on the is_numeric page that:
"Thus +0123.45e6 is a valid numeric value."
But can that be explained as to why that this? It breaks json_encode when
JSON_NUMERIC_CHECK is called in certain situations. The function
'is_numeric_string' returns the type 'double' for strings like "3e122345", and
that isn't a double.
My patch updated 'is_numeric_string' which might be too agressive. Maybe
updating
json.c is a better alternative.
Previous Comments:
----------------
[2013-04-23 04:15:14] keith at openx dot com
Description:
So, it looks like that when you call json_encode with the JSON_NUMERIC_CHECK
option on strings that have all numbers except for one letter 'e' PHP throws a
warning:
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
It happens only on certain strings that make PHP think the number is very
large.
According to the docs the 'e' should be followed with +/-, but it seems that
isn't the case.
This causes a problem whenever converting values that are, say, hashed with
SHA1.
Since the valid characters are [0-9][A-F], it's very possible to have a value
that is: [0-9]e[0-9]
Test script:
---
'123343e871700');
var_dump(json_encode($t, JSON_NUMERIC_CHECK));
Expected result:
string(10) "{"test":"123343e871700"}"
Actual result:
--
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
string(10) "{"test":0}"
--
Edit this bug report at https://bugs.php.net/bug.php?id=64695&edit=1
Bug #64695 [Com]: JSON_NUMERIC_CHECK has issues with strings that are numbers plus the letter e
Edit report at https://bugs.php.net/bug.php?id=64695&edit=1
ID: 64695
Comment by: keith at openx dot com
Reported by:keith at openx dot com
Summary:JSON_NUMERIC_CHECK has issues with strings that are
numbers plus the letter e
Status: Open
Type: Bug
Package:JSON related
Operating System: CentOS/OSX
PHP Version:5.3.24
Block user comment: N
Private report: N
New Comment:
So the new patch just updates json.c. Instead of throwing the warning and
setting
the value to 0, it makes the value a string. That way json_encode doesn't
change
a value that it possibly shouldn't.
Valid exponential notation values are converted.
php > $t = array('test' => '123343e871700');
php > var_dump(json_encode($t, JSON_NUMERIC_CHECK));
string(24) "{"test":"123343e871700"}"
php > $t = array('test' => '123343e1');
php > var_dump(json_encode($t, JSON_NUMERIC_CHECK));
string(16) "{"test":1233430}"
php > $t = array('test' => '1.03e-3');
php > var_dump(json_encode($t, JSON_NUMERIC_CHECK));
string(16) "{"test":0.00103}"
Previous Comments:
[2013-04-23 04:28:20] keith at openx dot com
So, I noticed on the is_numeric page that:
"Thus +0123.45e6 is a valid numeric value."
But can that be explained as to why that this? It breaks json_encode when
JSON_NUMERIC_CHECK is called in certain situations. The function
'is_numeric_string' returns the type 'double' for strings like "3e122345", and
that isn't a double.
My patch updated 'is_numeric_string' which might be too agressive. Maybe
updating
json.c is a better alternative.
[2013-04-23 04:15:14] keith at openx dot com
Description:
So, it looks like that when you call json_encode with the JSON_NUMERIC_CHECK
option on strings that have all numbers except for one letter 'e' PHP throws a
warning:
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
It happens only on certain strings that make PHP think the number is very
large.
According to the docs the 'e' should be followed with +/-, but it seems that
isn't the case.
This causes a problem whenever converting values that are, say, hashed with
SHA1.
Since the valid characters are [0-9][A-F], it's very possible to have a value
that is: [0-9]e[0-9]
Test script:
---
'123343e871700');
var_dump(json_encode($t, JSON_NUMERIC_CHECK));
Expected result:
string(10) "{"test":"123343e871700"}"
Actual result:
--
PHP Warning: json_encode(): double INF does not conform to the JSON spec,
encoded as 0 in php shell code on line 1
string(10) "{"test":0}"
--
Edit this bug report at https://bugs.php.net/bug.php?id=64695&edit=1
