Edit report at http://bugs.php.net/bug.php?id=50363&edit=1
ID: 50363
Updated by: fel...@php.net
Reported by: slusarz at curecanti dot org
Summary: Invalid parsing in convert.quoted-printable-decode
filter
-Status: Verified
+Status: Closed
Type: Bug
Package: Streams related
Operating System: *
PHP Version: 5.*, 6
-Assigned To:
+Assigned To: felipe
Block user comment: N
Private report: N
New Comment:
This bug has been fixed in SVN.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
Thank you for the report, and for helping us make PHP better.
Thanks for the patch! :)
Previous Comments:
------------------------------------------------------------------------
[2011-05-25 01:49:29] fel...@php.net
Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&revision=311407
Log: - Fixed bug #50363 (Invalid parsing in
convert.quoted-printable-decode filter)
Patch by: slusarz at curecanti dot org
------------------------------------------------------------------------
[2010-02-05 22:00:29] slusarz at curecanti dot org
Here's a patch that works for me. (Doesn't deal with the issue of the
duplicative q-p code in PHP, but at least in makes the filtering code
work with lowercase hex).
--- filters.c.old 2010-02-05 14:56:57.536943283 -0700
+++ filters.c 2010-02-05 14:51:11.353644566 -0700
@@ -1051,18 +1051,17 @@
} /* break is missing intentionally */
case 2: {
- unsigned int nbl;
-
if (icnt <= 0) {
goto out;
}
- nbl = (*ps >= 'A' ? *ps - 0x37 : *ps -
0x30);
- if (nbl > 15) {
+ if (!isxdigit((int) *ps)) {
err = PHP_CONV_ERR_INVALID_SEQ;
goto out;
- }
- next_char = (next_char << 4) | nbl;
+ }
+
+ next_char = (next_char << 4) | (*ps >=
'A' ? *ps - 0x37 : *ps - 0x30);
scan_stat++;
ps++, icnt--;
------------------------------------------------------------------------
[2009-12-02 22:39:58] j...@php.net
We have (if I counted right) 3 different implementations for
encoding/decoding quoted-printable. And unfortunately filters.c has the
buggy one which requires the encoded hex chars be upper-case, since this
works:
<?php
$foo = "Sauvegarder=C3=A9ussi(e)";
// $foo = "Sauvegarder=c3=a9ussi(e)"; // Does not work!
$b = fopen('php://temp', 'w+');
stream_filter_append($b, 'convert.quoted-printable-decode',
STREAM_FILTER_WRITE);
fwrite($b, $foo);
rewind($b);
fpassthru($b);
?>
------------------------------------------------------------------------
[2009-12-02 20:17:34] slusarz at curecanti dot org
Description:
------------
Using the quoted-printable-decode filter on a stream produces an error.
However, decoding the string using quoted_printable_decode() does not
fail.
The error is thrown whether stream_filter_append() is used or a while
!feof()/fwrite()/fread() loop is used.
Reproduce code:
---------------
$a = fopen('php://temp', 'r+');
fwrite($a, "SERVER: [ID job :3453 Backup rotation] Sauvegarde
r=c3=a9ussi(e)");
rewind($a);
$b = fopen('php://temp', 'r+');
$c = stream_filter_append($b, 'convert.quoted-printable-decode',
STREAM_FILTER_WRITE);
stream_copy_to_stream($a, $b);
rewind($b);
fpassthru($b);
stream_filter_remove($c);
rewind($a);
rewind($b);
fwrite($b, quoted_printable_decode(stream_get_contents($a)));
rewind($b);
fpassthru($b);
Expected result:
----------------
SERVER: [ID job :3453 Backup rotation] Sauvegarde réussi(e)
SERVER: [ID job :3453 Backup rotation] Sauvegarde réussi(e)
Actual result:
--------------
PHP Warning: stream_copy_to_stream(): stream filter
(convert.quoted-printable-decode): invalid byte sequence in
/tmp/test.php on line 8
SERVER: [ID job :3453 Backup rotation] Sauvegarde réussi(e)
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=50363&edit=1
