Bug #47968 [Com]: id3_get_tag memory problem
Edit report at https://bugs.php.net/bug.php?id=47968edit=1 ID: 47968 Comment by: wenhaoz at qq dot com Reported by:lax4mike at gmail dot com Summary:id3_get_tag memory problem Status: Bogus Type: Bug Package:Reproducible crash Operating System: Windows PHP Version:5.2.9 Block user comment: N Private report: N New Comment: It has no business to do with memory. Previous Comments: [2009-04-14 17:49:04] paj...@php.net Not a bug, (increase your memory limit). Also this extension is in pecl, please report further issues in pecl.php.net. [2009-04-14 17:27:18] lax4mike at gmail dot com Description: There seems to be a problem with id3_get_tag with mp3's that contain album art images. I seem to get the following error only on those mp3's: Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 1852404086 bytes) Reproduce code: --- $tag = id3_get_tag(mp3-with-album-art-image.mp3); Actual result: -- Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 1852404086 bytes) -- Edit this bug report at https://bugs.php.net/bug.php?id=47968edit=1
[PHP-BUG] Bug #55438 [NEW]: race condition: curlwapper is not sending http header randomly
From:
Operating system: gentoo
PHP version: 5.3.6
Package: cURL related
Bug Type: Bug
Bug description:race condition: curlwapper is not sending http header randomly
Description:
background: php is configured with curl wrapper, which make
file_get_contents
use curl. i haven't tested with calling curl functions directly
php unset curl header too soon before curl make the request
expected order: set header, build and send request. unset header
actual order 1: set header, build and send request. unset header (good)
actual order 2: set header, unset header, build and send request (bad)
send request comes after php unset header
curl behavior randomly, by sending request before or after php unset the
header
Test script:
---
#!/usr/lib/php5.3/bin/php
?php
for (;;) {
$username = 'test1';
$password = mt_rand(0, 9) .
'';
$authUrl = http://localhost/;;
$context = stream_context_create(array(
'http' = array(
'header' = Authorization: Basic
. base64_encode($username:$password)
)
));
$http_response_header = array();
$data = file_get_contents($authUrl, false, $context);
sleep(1);
}
?
tcpdump -nilo dst port 80 -w- -s0
Expected result:
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
Actual result:
--
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
gdb --args /usr/lib/php5.3/bin/php.debug test.php
(gdb) l
/usr/src/debug/dev-lang/php-5.3.6/sapis-build/cli/ext/curl/streams.c:367
360 slist =
curl_slist_append(slist,
trimmed);
361 efree(trimmed);
362 p = php_strtok_r(NULL,
\r\n,
token);
363 }
364 efree(copy_ctx_opt);
365 }
366 if (slist) {
367 curl_easy_setopt(curlstream-curl,
CURLOPT_HTTPHEADER, slist);
368 }
369 }
370 if (SUCCESS ==
php_stream_context_get_option(context,
http, method, ctx_opt) Z_TYPE_PP(ctx_opt) == IS_STRING) {
371 if (strcasecmp(Z_STRVAL_PP(ctx_opt),
get)) {
372 if
(!strcasecmp(Z_STRVAL_PP(ctx_opt),
head)) {
373
curl_easy_setopt(curlstream-
curl, CURLOPT_NOBODY, 1);
374 } else {
(gdb) l
/usr/src/debug/dev-lang/php-5.3.6/sapis-build/cli/ext/curl/streams.c:501
494 if (msg_found) {
495 goto exit_fail;
496 }
497 }
498
499 /* context headers are not needed anymore */
500 if (slist) {
501 curl_easy_setopt(curlstream-curl,
CURLOPT_HTTPHEADER,
NULL);
502 curl_slist_free_all(slist);
503 }
504 return stream;
505
506 exit_fail:
507 php_stream_close(stream);
508 if (slist) {
(gdb) br 367
Breakpoint 1 at 0x1c59c9: file /usr/src/debug/dev-lang/php-5.3.6/sapis-
build/cli/ext/curl/streams.c, line 367.
(gdb) br 501
Breakpoint 2 at
Bug #55438 [Com]: race condition: curlwapper is not sending http header randomly
Edit report at https://bugs.php.net/bug.php?id=55438edit=1
ID: 55438
Comment by: xuefer at gmail dot com
Reported by:xuefer at gmail dot com
Summary:race condition: curlwapper is not sending http
header randomly
Status: Open
Type: Bug
Package:cURL related
Operating System: gentoo
PHP Version:5.3.6
Block user comment: N
Private report: N
New Comment:
sorry for the mismatch http url string. i was trying to remove some string for
privacy
Previous Comments:
[2011-08-17 11:38:50] xuefer at gmail dot com
Description:
background: php is configured with curl wrapper, which make file_get_contents
use curl. i haven't tested with calling curl functions directly
php unset curl header too soon before curl make the request
expected order: set header, build and send request. unset header
actual order 1: set header, build and send request. unset header (good)
actual order 2: set header, unset header, build and send request (bad)
send request comes after php unset header
curl behavior randomly, by sending request before or after php unset the header
Test script:
---
#!/usr/lib/php5.3/bin/php
?php
for (;;) {
$username = 'test1';
$password = mt_rand(0, 9) .
'';
$authUrl = http://localhost/;;
$context = stream_context_create(array(
'http' = array(
'header' = Authorization: Basic .
base64_encode($username:$password)
)
));
$http_response_header = array();
$data = file_get_contents($authUrl, false, $context);
sleep(1);
}
?
tcpdump -nilo dst port 80 -w- -s0
Expected result:
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
Actual result:
--
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6MTQzNjEuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
Authorization: Basic
dGVzdDE6NTY3MDQuLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4u
Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4=
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
GET / HTTP/1.1
User-Agent: PHP/5.3.6-pl0-gentoo
Host: localhost
Accept: */*
gdb --args /usr/lib/php5.3/bin/php.debug test.php
(gdb) l /usr/src/debug/dev-lang/php-5.3.6/sapis-build/cli/ext/curl/streams.c:367
360 slist =
curl_slist_append(slist,
trimmed);
361 efree(trimmed);
362 p = php_strtok_r(NULL, \r\n,
token);
363 }
364 efree(copy_ctx_opt);
365 }
366 if (slist) {
367 curl_easy_setopt(curlstream-curl,
CURLOPT_HTTPHEADER, slist);
368 }
369 }
370 if (SUCCESS == php_stream_context_get_option(context,
http, method, ctx_opt) Z_TYPE_PP(ctx_opt) == IS_STRING) {
371 if (strcasecmp(Z_STRVAL_PP(ctx_opt), get)) {
372 if (!strcasecmp(Z_STRVAL_PP(ctx_opt),
head)) {
373 curl_easy_setopt(curlstream-
curl, CURLOPT_NOBODY, 1);
374 } else {
(gdb) l /usr/src/debug/dev-lang/php-5.3.6/sapis-build/cli/ext/curl/streams.c:501
494 if (msg_found) {
495 goto exit_fail;
496 }
497 }
498
499 /*
Bug #55431 [Fbk-Csd]: SIGSEV11 mysqli_result::fetch_fields
Edit report at https://bugs.php.net/bug.php?id=55431edit=1 ID: 55431 User updated by:lgandras at gmail dot com Reported by:lgandras at gmail dot com Summary:SIGSEV11 mysqli_result::fetch_fields -Status: Feedback +Status: Closed Type: Bug Package:Reproducible crash Operating System: Cent OS 5.6 PHP Version:5.3.6 Block user comment: N Private report: N New Comment: This is a duplicate of https://bugs.php.net/bug.php?id=55414 Previous Comments: [2011-08-16 03:57:23] larue...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with ?php and ends with ?, is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2011-08-16 01:21:39] lgandras at gmail dot com Definitively the problematic function is mysqli_result::fetch_fields [2011-08-16 01:12:32] lgandras at gmail dot com Description: Hi, I was using phpunit 3.5.13 during this crash. I'm executing a query of type SHOW CREATE TABLE `name`. I'm also using Zend framework 1.11.6. This means the query es being executed using prepare. I believe this has something to do with the fact that the field returned by mysql has a space in between Create table. I've got to have a crash executing the same query in other environment, but without being able to reproduce. That time the error came up executing mysqli_result::fetch_fields. This time i don't really know. './configure' '--disable-fileinfo' '--disable-pdo' '--disable-phar' '--enable-bcmath' '--enable-calendar' '--enable-ftp' '--enable-libxml' '--enable-magic-quotes' '--enable-mbstring' '--enable-pcntl' '--enable-shmop' '--enable-soap' '--enable-sockets' '--enable-sysvmsg' '--enable-sysvsem' '--enable-sysvshm' '--enable-zip' '--prefix=/usr' '--with-curl=/opt/curlssl/' '--with-gd' '--with-imap=/opt/php_with_imap_client/' '--with-imap-ssl=/usr' '--with-jpeg-dir=/usr' '--with-kerberos' '--with-libxml-dir=/opt/xml2' '--with-libxml-dir=/opt/xml2/' '--with-mcrypt=/opt/libmcrypt/' '--with-mysql=/usr' '--with-mysql-sock=/var/lib/mysql/mysql.sock' '--with-mysqli=/usr/bin/mysql_config' '--with-openssl=/usr' '--with-openssl-dir=/usr' '--with-pcre-regex=/opt/pcre' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--with-zlib' '--with-zlib-dir=/usr' '--without-sqlite3' #0 0x0841f2e8 in add_property_string_ex (arg=0xa2cce98, key=0x87ad4cc catalog, key_len=8, str=0x79726100 Address 0x79726100 out of bounds, duplicate=1) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_API.c:1524 #1 0x081d7628 in php_add_field_properties (value=0xa2cce98, field=0x9c65874) at /home/cpeasyapache/src/php-5.3.6/ext/mysqli/mysqli_api.c:1056 #2 0x081d79b7 in zif_mysqli_fetch_fields (ht=0, return_value=0xa2ea190, return_value_ptr=0x0, this_ptr=0xa2ea310, return_value_used=1) at /home/cpeasyapache/src/php-5.3.6/ext/mysqli/mysqli_api.c:1114 #3 0x0844632f in zend_do_fcall_common_helper_SPEC (execute_data=0x9c16e40) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:316 #4 0x08446f6b in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x9c16e40) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:421 #5 0x084456fe in execute (op_array=0xa022ae8) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:107 #6 0x0840b5a3 in zend_call_function (fci=0xbf80a798, fci_cache=0xbf80a784) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_execute_API.c:964 #7 0x081ed8f6 in zim_reflection_method_invokeArgs (ht=2, return_value=0xa2eb2fc, return_value_ptr=0x0, this_ptr=0xa2eb450, return_value_used=1) at /home/cpeasyapache/src/php-5.3.6/ext/reflection/php_reflection.c:2745 #8 0x0844632f in zend_do_fcall_common_helper_SPEC (execute_data=0x9c15a18) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:316 #9 0x08446f6b in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x9c15a18) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:421 #10 0x084456fe in execute (op_array=0xa18b944) at /home/cpeasyapache/src/php-5.3.6/Zend/zend_vm_execute.h:107 #11 0x08419b44 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/cpeasyapache/src/php-5.3.6/Zend/zend.c:1194 #12 0x083ad584 in php_execute_script (primary_file=0xbf80cc94) at /home/cpeasyapache/src/php-5.3.6/main/main.c:2268 #13 0x084e6f64 in main (argc=2, argv=0xbf80cdf4) at
[PHP-BUG] Bug #55439 [NEW]: crypt() returns only the salt for MD5
From:
Operating system: Linux
PHP version: 5.3.7RC5
Package: *Encryption and hash functions
Bug Type: Bug
Bug description:crypt() returns only the salt for MD5
Description:
If crypt() is executed with MD5 salts, the return value conists of the salt
only.
DES and BLOWFISH salts work as expected.
I tested with php from openSUSE PHP5 repository
php -v
PHP 5.3.7RC6-dev (cli)
rpm -q php5
php5-5.3.6.201108112132-94.1.x86_64
Test script:
---
printf(MD5: %s\n, crypt('password', '$1$U7AjYB.O$'));
Expected result:
MD5: $1$U7AjYB.O$L1N7ux7twaMIMw0En8UUR1
Actual result:
--
MD5: $1$U7AjYB.O
--
Edit bug report at https://bugs.php.net/bug.php?id=55439edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55439r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55439r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55439r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55439r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55439r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55439r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55439r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55439r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55439r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55439r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55439r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55439r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55439r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55439r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55439r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=55439r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55439r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55439r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55439r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55439r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55439r=mysqlcfg
[PHP-BUG] Req #55440 [NEW]: Internal state of the execution engine
From: Operating system: PHP version: 5.3.6 Package: *General Issues Bug Type: Feature/Change Request Bug description:Internal state of the execution engine Description: While developing in PHP, I've learned that the execution engine is sometimes set in special states that alter its capabilities. As far as I know, their is no way for us developers to write code that test for one of these particular state and branch code appropriately. By special state, I mean : - execute/compile stage, where for eg autoloading doesn't work (http://bugs.php.net/42098), - outside/inside output buffering handler, where for eg print_r($v, true) doesn't work (http://bugs.php.net/55428), - before/after shutdown time, where for eg uncatched exceptions generate the cryptic Fatal error: Exception thrown without a stack frame in Unknown on line 0 and set_exception_handler() is disabled. Adding a centralized way to check for these states is maybe a good idea ? For example, get_engine_state( void ) would return a bit field, each bit for each possible state? -- Edit bug report at https://bugs.php.net/bug.php?id=55440edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=55440r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=55440r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=55440r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=55440r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=55440r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=55440r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=55440r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=55440r=needscript Try newer version: https://bugs.php.net/fix.php?id=55440r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=55440r=support Expected behavior: https://bugs.php.net/fix.php?id=55440r=notwrong Not enough info: https://bugs.php.net/fix.php?id=55440r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=55440r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=55440r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=55440r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=55440r=dst IIS Stability: https://bugs.php.net/fix.php?id=55440r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=55440r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=55440r=float No Zend Extensions: https://bugs.php.net/fix.php?id=55440r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=55440r=mysqlcfg
[PHP-BUG] Bug #55441 [NEW]: \Phar::createDefaultStub() does not handle its arguments
From:
Operating system: MacOS X 10.6.8
PHP version: 5.3.6
Package: PHAR related
Bug Type: Bug
Bug description:\Phar::createDefaultStub() does not handle its arguments
Description:
\Phar::createDefaultStub() takes two optional arguments.
With these arguments, the user can defined file in phar archive which will
be used
in stub.
However, these arguments seems to be not used by
\Phar::createDefaultStub().
Test script:
---
?php
# In CLI, do php -d phar.readonly=0 path/to/this/script to generate
my.phar.
# In CLI, do php my.phar
$phar = new \phar('my.phar');
$phar['stub.php'] = '?php echo 'This is the stub !'; ?';
$phar-createDefaultStub('stub.php');
Expected result:
This is the stub !
Actual result:
--
PHP Warning: include(phar:///path/to/my.phar/index.php): failed to open
stream:
phar error: index.php is not a file in phar /path/to/my.phar in
/path/to/my.phar on line 9
--
Edit bug report at https://bugs.php.net/bug.php?id=55441edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55441r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55441r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55441r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55441r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55441r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55441r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55441r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55441r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55441r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55441r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55441r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55441r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55441r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55441r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55441r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=55441r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55441r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55441r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55441r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55441r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55441r=mysqlcfg
Bug #54114 [Com]: Output Buffer Dumps Data On Error
Edit report at https://bugs.php.net/bug.php?id=54114edit=1
ID: 54114
Comment by: nicolas dot grekas+php at gmail dot com
Reported by:danhstevens at gmail dot com
Summary:Output Buffer Dumps Data On Error
Status: Open
Type: Bug
Package:Output Control
Operating System: all
PHP Version:5.3.5
Block user comment: N
Private report: N
New Comment:
Here is an other example that can't be workaround using danhstevens' technique:
?php
function my_shutdown()
{
echo secret\n;
throw new Exception;
}
function ob_custom_filter($b)
{
return str_replace('secret', '**', $b);
}
register_shutdown_function('my_shutdown');
ob_start('ob_custom_filter');
?
Previous Comments:
[2011-03-10 19:41:28] danhstevens at gmail dot com
I've found a viable work-around for this bug (although a patch of the core
would still be ideal so people don't discover this potential security issue the
hard-way).
By registering the following shutdown handler before any output buffering the
dump of data can be prevented:
?php
function shutdown_fn()
{
//If ob_start has been called at least once
if(ob_get_level() 1)
{
//Prevent data in buffer from dumping
ob_end_clean();
}
}
register_shutdown_function('shutdown_fn');
Now when using the examples above that normally cause the buffer to dump to the
client the buffer data is disposed of. Of course, this can be extended to use
ob_get_contents and redirect the data to file or other means if necessary. This
approach is working for me (on PHP 5.3.5).
~Dan
[2011-03-06 16:51:52] neweracracker at gmail dot com
I've managed to reproduce this in Windows 7 running php 5.2.17 (with
php.ini-dist) and php 5.3.5 (with php.ini-development).
Here is my test script:
?php
set_time_limit(1);
ob_start();
echo You shouldn't see this!;
sleep(2); //comment this and you won't see the line above in output ;)
ob_end_clean();
?
I've reported this as bug #54174 which got closed due being a dupe of this one
so I am leaving this comment here for reference purposes.
Regards,
NewEraCracker.
[2011-02-28 21:40:36] danhstevens at gmail dot com
Hi Rasmus,
I was still able to create the problem by calling on a non-existing class to
create a fatal error. Here is a variation of your code:
function eh($errno, $errstr, $errfile, $errline) {
$contents = ob_get_contents();
ob_end_clean();
echo Error: $errno, $errstr, $errfile, $errline\n;
}
set_error_handler('eh');
ob_start();
echo 123;
nonExistantClass::nonExistantMethod();
echo After error\n;
Output is:
123
Fatal error: Class 'nonExistantClass' not found in ...
Hopefully the above should more accurately illustrate the issue.
[2011-02-28 19:37:32] ras...@php.net
I am unable to reproduce this. My test script:
?php
function eh($errno, $errstr, $errfile, $errline) {
$contents = ob_get_contents();
ob_end_clean();
echo Error: $errno, $errstr, $errfile, $errline\n;
}
set_error_handler('eh');
ob_start();
echo 123;
trigger_error('test error', E_USER_ERROR);
echo After error\n;
And my output is:
Error: 256, test error, /var/www/testing/o.php, 10
After error
No sign of 123 there.
[2011-02-28 07:43:46] danhstevens at gmail dot com
Description:
When output buffering is turned on (via ob_start()) and an error is encountered
before a call to ob_end_* is called the entire contents of the output buffer is
dumped (to STDOUT) and there appears to be no way to prevent the buffer from
dumping - not even by setting an error handler, etc.
This is a security issue since the output buffer may contain sensitive
information that is them dumped over to the user. Using set_error_handler does
not stop the dump - it appears the dump simply happens with no way to intercept
or prevent it.
Test script:
---
?php
ob_start();
echo 123;
trigger_error('test error', E_USER_ERROR);
$contents = ob_get_contents();
ob_end_clean();
?
Expected result:
(no output)
Actual result:
--
123
Fatal error: test error in ...
--
Edit this bug report at https://bugs.php.net/bug.php?id=54114edit=1
Bug #50547 [Com]: SoapServer Fatal errror in WSDL mode
Edit report at https://bugs.php.net/bug.php?id=50547edit=1 ID: 50547 Comment by: chinigo at gmail dot com Reported by:rsumibcay at reddoor dot biz Summary:SoapServer Fatal errror in WSDL mode Status: Open Type: Bug Package:SOAP related Operating System: Ubuntu Linux PHP Version:5.2.12 Block user comment: N Private report: N New Comment: mdekrijger's suggestion about disabling Xdebug worked for me too. Adding xdebug_disable() immediately before the SOAP call resulted in a Fatal SOAP error being converted to a catchable SOAP fault. Previous Comments: [2011-02-24 16:00:36] mdekrijger at e-sites dot nl Xdebug might be the problem. When using xdebug_disable() before calling the handle() method, the server responds with a proper SOAP message which says that something went wrong. [2011-02-24 09:54:31] mdekrijger at e-sites dot nl Does anyone have an alternative solution for this problem? (while this bug remains open?) We really want to provide some information about the wrong type in the return soap response. So implementing our SOAP services would be a much easier job. [2010-02-01 09:48:05] jitka at darbujanova dot cz I can confirm this. (http://bugs.php.net/bug.php?id=50895) [2009-12-21 20:18:01] rsumibcay at reddoor dot biz Description: SoapServer dies with fatal error in WSDL mode when a soap argument is a ComplexType with a member defined as int in the XSD, but the member value is passed as a non-numeric string. Reproduce code: --- 1. Define a ComplexType with an int data member: http://crkt190.reddoor.biz/fatalerror/complex_types.xsd 2. Define a WSDL that uses the ComplexType as an argument to the soap function: http://crkt190.reddoor.biz/fatalerror/fatalerror.wsdl 3. Create a soap envelope with a non-numeric string as the value for the int data member: http://crkt190.reddoor.biz/fatalerror/fatalerror-soap-envelope.xml 4. Make a soap request using the soap envelope in step 3. Expected result: The SoapServer should not die with a fatal error. The SoapServer should respond with a SoapFault, or let the call pass through so the business logic (mapped handler) can do validation and handle the error appropriately. Actual result: -- 500 HTTP response from server. The HTTP response body contains an error message and stack trace. Fatal error: SOAP-ERROR: Encoding Violation of encoding rules in ... -- Edit this bug report at https://bugs.php.net/bug.php?id=50547edit=1
[PHP-BUG] Bug #55442 [NEW]: ID3-0.2 Comments tag.
From:
Operating system: Federa 13
PHP version: 5.3.6
Package: Unknown/Other Function
Bug Type: Bug
Bug description:ID3-0.2 Comments tag.
Description:
---
THe Comments tag (COMM) is not appearing in ID3-0.2. I have verified that
the Comments tag is not null in EasyTag, Kid3 or a Flash application I have
that reads ID3 Tags.
---
Test script:
---
?
$tag_version = id3_get_version($new_mp3_file);
if ($tag_version ID3_V1_0) {
echo div class=\text\This file contains a 1.x tag/div;
}
if ($tag_version ID3_V1_1) {
echo div class=\text\This file contains a 1.1 tag/div;
}
if ($tag_version ID3_V2) {
echo div class=\text\This file contains a 2.x tag/div;
}
if ($tag_version ID3_V2_3) {
echo div class=\text\This file contains a 2.3 tag/div;
}
if ($tag_version ID3_V2_4) {
echo div class=\text\This file contains a 2.4 tag/div;
}
echo br /;
$tag = id3_get_tag($new_mp3_file);
while(list($key,$value) = each($tag)){
echo div class=\text\$key: $value; if($key == genre){echo ( .
id3_get_genre_name($value) . );} echo /div;
}
unlink($new_mp3_file);
?
Expected result:
The comments tag should display in the tag output.
Actual result:
--
This file contains a 1.x tag
This file contains a 1.1 tag
This file contains a 2.3 tag
This file contains a 2.4 tag
encoderSettings: LAME 32bits version 3.98.2 (http://www.mp3dev.org/)
length: 27414
title: My name is Sulaiman The WordSmith
artist: Sulaiman The WordSmith
album: What Is A WordSmith
recTime: 2010
track: 03/03
genre: 7 (Hip-Hop)
composer: Sulaiman The WordSmith
originalArtist: Sulaiman The WordSmith
copyright: U.S: PAU003376550 / 1-407766721
encodedBy: Lame
webOffPubl: http://thewordsmith.info
webOffAudioFile: http://thewordsmith.info
webOffAudioSrc: http://thewordsmith.info
webOffIRS: http://thewordsmith.info
publisher: The WordSmith World Wide
mood: Educational
webOffArtist: http://thewordsmith.info
language: EN
--
Edit bug report at https://bugs.php.net/bug.php?id=55442edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55442r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55442r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55442r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55442r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55442r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55442r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55442r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55442r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55442r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55442r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55442r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55442r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55442r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55442r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55442r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=55442r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55442r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55442r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55442r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55442r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55442r=mysqlcfg
[PHP-BUG] Req #55443 [NEW]: 4nd params double_encode
From: Operating system: any PHP version: 5.3.6 Package: *General Issues Bug Type: Feature/Change Request Bug description:4nd params double_encode Description: Path in Bug #43101: htmlentities(): double_quote vs. double_encode typo --- From manual page: http://www.php.net/function.htmlspecialchars%23%D0%9E%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5 --- four params double_encode=true|false present in real, and absent in documentation Test script: --- $links_str = http://ya.ru?q=searchamp;mmm; $links_str = htmlspecialchars($links_str,ENT_COMPAT,'UTF-8',$double_encode=false); -- Edit bug report at https://bugs.php.net/bug.php?id=55443edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=55443r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=55443r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=55443r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=55443r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=55443r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=55443r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=55443r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=55443r=needscript Try newer version: https://bugs.php.net/fix.php?id=55443r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=55443r=support Expected behavior: https://bugs.php.net/fix.php?id=55443r=notwrong Not enough info: https://bugs.php.net/fix.php?id=55443r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=55443r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=55443r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=55443r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=55443r=dst IIS Stability: https://bugs.php.net/fix.php?id=55443r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=55443r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=55443r=float No Zend Extensions: https://bugs.php.net/fix.php?id=55443r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=55443r=mysqlcfg
Bug #46025 [Com]: zend_bailout can deadlock APC
Edit report at https://bugs.php.net/bug.php?id=46025edit=1 ID: 46025 Comment by: pierre at archlinux dot de Reported by:askalski at gmail dot com Summary:zend_bailout can deadlock APC Status: Feedback Type: Bug Package:Reproducible crash Operating System: redhat PHP Version:5.2.6 Assigned To:gopalv Block user comment: N Private report: N New Comment: This issue is still reproducable using php-fpm and PHP 5.3.6 with APC 3.1.9 Previous Comments: [2010-11-07 21:08:38] fel...@php.net Gopal, this issue has been already fixed? [2010-06-24 18:52:07] askalski at gmail dot com A note about the above patches: They work with the stable 3.0.19 release of APC, but not the beta 3.1.3p1. In the beta version, compilation was moved inside a HANDLE_BLOCK_INTERRUPTIONS/HANDLE_UNBLOCK_INTERRUPTIONS block, so the zend_bailout deferral is no longer safe. For example, a syntax error in the script will result in a partially compiled opcode array to be cached in APC. I don't yet have an alternate solution. [2010-05-31 06:54:14] askalski at gmail dot com I uploaded patches against the latest 5.1, 5.2, and 5.3 versions of PHP, for sites with production issues that can't afford to wait years for an upstream fix. [2009-10-21 18:42:04] askalski at gmail dot com We are using a modified 5.2 in production, so a patch against 5.2.11 (the latest release in that series) would be good. Thanks, Andy [2009-10-21 18:01:00] sh...@php.net Lucas Nealan and I are working on fixing some items in the signals patch, and would like to push forward on this getting integrated in core. Would you be willing to try the patch for PHP to see if it corrects your problem? It would be of great use to know that it fixes your specific issue. If so let me know which specific version of PHP you want a patch against and I'll make sure we get you the latest one that cleanly patches against it. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=46025 -- Edit this bug report at https://bugs.php.net/bug.php?id=46025edit=1
[PHP-BUG] Bug #55444 [NEW]: trans-sid enabled; PHPSESSID inserted after end of href on links
From:
Operating system: Ubuntu 10.04.3 LTS
PHP version: Irrelevant
Package: Session related
Bug Type: Bug
Bug description:trans-sid enabled; PHPSESSID inserted after end of href on links
Description:
In more detail, OS:
Linux 2.6.32-32-server x86_64 #62-Ubuntu SMP Wed Apr 20 22:07:43 UTC 2011
PHP 5.3.2-1ubuntu4.9 with Suhosin-Patch (cli) (built: May 3 2011
00:45:52)
This is the standard PHP package from Ubuntu Lucid's main repo. I did not
compile it. I have enabled the trans-
sid option.
When generating a long list of links, occasionally the trans-sid function
will
miss the end of the href
attribute and add ?PHPSESSID=73...07 outside the closing double quote
mark.
eg:
tda href=index.php?
area=gallerypage=edit_photofile=gallery_36.jpgamp;PHPSESSID=73...07img
src=images/edit.png /gallery_36.jpg/a/td
...
tda href=index.php?area=gallerypage=edit_photofile=gallery_37.jpg?
PHPSESSID=73...07img
src=images/edit.png /gallery_37.jpg/a/td
Note that since it is outside the quote mark, it is generated with a ?
instead
of amp;. This reliably
happens on the gallery_37.jpg link, and the gallery_18.jpg link, and a
few
others.
Test script:
---
The relevant loop:
while ($row = mysql_fetch_assoc($result)) {
$file = sanitise_html($row[filename]);
$title = sanitise_html($row[title]);
?
tr
tda
href=index.php?area=gallerypage=edit_photofile=?=$file?img
src=images/edit.png /?=$file?/a/td
td?=$title?/td
tda
href=index.php?area=gallerypage=delete_photofile=?=$file?img
src=images/delete.png //a/td
/tr
?
}
Expected result:
In the example above, I would expect:
amp;PHPSESSID=73...07
to be added to the end of every link, in the proper place, *inside* the end
of the
href attribute.
Actual result:
--
On some links, the PHPSESSID appears *outside* the end of the href
attribute. This
causes the PHPSESSID not to be included in the link.
--
Edit bug report at https://bugs.php.net/bug.php?id=55444edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55444r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55444r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55444r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55444r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55444r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55444r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55444r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55444r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55444r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55444r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55444r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55444r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55444r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55444r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55444r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=55444r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55444r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55444r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55444r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55444r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55444r=mysqlcfg
[PHP-BUG] Bug #55445 [NEW]: Short echo tag still depends on short_open_tag setting
From: sixd Operating system: All PHP version: 5.4SVN-2011-08-17 (SVN) Package: *General Issues Bug Type: Bug Bug description:Short echo tag still depends on short_open_tag setting Description: Use of ?= still depends on short_open_tag. Also note the NEWS file regarding this change references short_tags which is the internal GC() name. It says: - ?= is now always available regardless of the short_tags setting (Rasmus) Test script: --- ?php $u = chris; ?pWelcome ?= $u ?/p Expected result: $ php54 -d short_open_tag=0 t.php pWelcome chris/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p Actual result: -- $ php54 -d short_open_tag=0 t.php pWelcome ?= $u ?/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p -- Edit bug report at https://bugs.php.net/bug.php?id=55445edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=55445r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=55445r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=55445r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=55445r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=55445r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=55445r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=55445r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=55445r=needscript Try newer version: https://bugs.php.net/fix.php?id=55445r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=55445r=support Expected behavior: https://bugs.php.net/fix.php?id=55445r=notwrong Not enough info: https://bugs.php.net/fix.php?id=55445r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=55445r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=55445r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=55445r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=55445r=dst IIS Stability: https://bugs.php.net/fix.php?id=55445r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=55445r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=55445r=float No Zend Extensions: https://bugs.php.net/fix.php?id=55445r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=55445r=mysqlcfg
Bug #55445 [Opn-Asn]: Short echo tag still depends on short_open_tag setting
Edit report at https://bugs.php.net/bug.php?id=55445edit=1 ID: 55445 Updated by: col...@php.net Reported by:s...@php.net Summary:Short echo tag still depends on short_open_tag setting -Status: Open +Status: Assigned Type: Bug Package:*General Issues Operating System: All PHP Version:5.4SVN-2011-08-17 (SVN) -Assigned To: +Assigned To:colder Block user comment: N Private report: N Previous Comments: [2011-08-17 22:44:56] s...@php.net Description: Use of ?= still depends on short_open_tag. Also note the NEWS file regarding this change references short_tags which is the internal GC() name. It says: - ?= is now always available regardless of the short_tags setting (Rasmus) Test script: --- ?php $u = chris; ?pWelcome ?= $u ?/p Expected result: $ php54 -d short_open_tag=0 t.php pWelcome chris/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p Actual result: -- $ php54 -d short_open_tag=0 t.php pWelcome ?= $u ?/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p -- Edit this bug report at https://bugs.php.net/bug.php?id=55445edit=1
Bug #55445 [Asn-Csd]: Short echo tag still depends on short_open_tag setting
Edit report at https://bugs.php.net/bug.php?id=55445edit=1 ID: 55445 Updated by: col...@php.net Reported by:s...@php.net Summary:Short echo tag still depends on short_open_tag setting -Status: Assigned +Status: Closed Type: Bug Package:*General Issues Operating System: All PHP Version:5.4SVN-2011-08-17 (SVN) Assigned To:colder Block user comment: N Private report: N New Comment: This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. For Windows: http://windows.php.net/snapshots/ Thank you for the report, and for helping us make PHP better. Previous Comments: [2011-08-17 23:49:58] col...@php.net Automatic comment from SVN on behalf of colder Revision: http://svn.php.net/viewvc/?view=revisionamp;revision=315119 Log: Fix bug #55445 (Incomplete implementation of lt;?= being independant of short_open_tag) [2011-08-17 22:44:56] s...@php.net Description: Use of ?= still depends on short_open_tag. Also note the NEWS file regarding this change references short_tags which is the internal GC() name. It says: - ?= is now always available regardless of the short_tags setting (Rasmus) Test script: --- ?php $u = chris; ?pWelcome ?= $u ?/p Expected result: $ php54 -d short_open_tag=0 t.php pWelcome chris/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p Actual result: -- $ php54 -d short_open_tag=0 t.php pWelcome ?= $u ?/p $ php54 -d short_open_tag=1 t.php pWelcome chris/p -- Edit this bug report at https://bugs.php.net/bug.php?id=55445edit=1
Bug #55283 [Com]: SSL options set by mysqli_ssl_set ignored for MySQLi persistent connections
Edit report at https://bugs.php.net/bug.php?id=55283edit=1
ID: 55283
Comment by: spam2 at rhsoft dot net
Reported by:aleksey at wepay dot com
Summary:SSL options set by mysqli_ssl_set ignored for MySQLi
persistent connections
Status: Verified
Type: Bug
Package:MySQLi related
Operating System: Cent OS
PHP Version:5.3.6
Assigned To:mysql
Block user comment: N
Private report: N
New Comment:
well i guess this change results in connections hanging around and
after a hughe timeout filling my mailbox with cron-mails since
upgraded to 5.3.7 using MYSQLND so Changing mysqli to make libmysql happy will
cause leaks with mysqlnd seems to be true - but why done this change if
knowing it?
mysqlnd 5.0.8-dev - 20102224 - $Revision: 310735 $
without ssl_set() all works fine but unencyrpted
how can i revert this change for the 5.3.7-final.tar.bz2?
___
MySQL server has gone away
$this-ssl_key = '/etc/mysql-ssl/client.pem';
$this-ssl_crt = '/etc/mysql-ssl/client.pem';
$this-ssl_ca = '/etc/mysql-ssl/ca.crt';
$conn-ssl_set($this-ssl_key, $this-ssl_crt, $this-ssl_ca, NULL, NULL);
Previous Comments:
[2011-08-05 13:39:28] and...@php.net
Automatic comment from SVN on behalf of andrey
Revision: http://svn.php.net/viewvc/?view=revisionamp;revision=314330
Log: Fix for bug #55283 SSL options set by mysqli_ssl_set ignored for MySQLi
persistent connections
[2011-08-05 13:17:59] u...@php.net
The actual issue here is in mysqlnd (or in the mysqli user API, however you put
it :-)): if using mysqli_init() to create a connection object we don't yet know
if it needs to be persistent or not. mysqli was changed to meet the needs of
mysqlnd. Unfortunately, this has an unforeseen side-effect on mysqli @ libmysql
[@ SSL]. Changing mysqli to make libmysql happy will cause leaks with mysqlnd.
This needs some think time.
[2011-08-05 11:53:47] u...@php.net
Reproducible with PHP 5.3.7RC4-dev (cli) (built: Jul 26 2011 17:35:20) (DEBUG)
using *libmysql* to connect to 5.1.45-debug-log
Configure Command = './configure' '--with-mysql=mysqlnd'
'--with-mysqli=/usr/local/mysql/bin/mysql_config'
'--with-pdo-mysql=/usr/local/mysql/bin/mysql_config' '--enable-debug'
'--enable-maintainer-zts' '--enable-mysqlnd-ms' '--enable-mysqlenterprise'
'--enable-mysqlnd-uh' '--enable-pcntl'
nixnutz@linux-fuxh:~/php/php-src/branches/PHP_5_3 sapi/cli/php bar.php
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(18) DHE-RSA-AES256-SHA
}
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(7) RC4-MD5
}
[2011-07-26 00:25:00] aleksey at wepay dot com
Please note that while the example shows the problem with the cipher, all other
parameters are also ignored. In particular, ssl cert info is critical.
[2011-07-26 00:20:58] aleksey at wepay dot com
Description:
The MySQLi ignores SSL options set with mysqli_ssl_set() for persistent
connections (works fine for non-persistent connections).
To reproduce:
1) Configure MySQL server with SSL support
(http://dev.mysql.com/doc/refman/5.0/en/secure-connections.html)
2) Run the attached test script
Test script:
---
?
$host = 'localhost';
$user = 'root';
$pass = '';
$db= null;
$port = 3306;
$flags = MYSQLI_CLIENT_SSL;
/* persistent connection */
$link = mysqli_init();
mysqli_ssl_set($link, null, null, null, null, RC4-MD5);
if (mysqli_real_connect($link, 'p:' . $host, $user, $pass, $db, $port, null,
$flags)) {
$r = $link-query(SHOW STATUS LIKE 'Ssl_cipher');
var_dump($r-fetch_row());
}
/* non-persistent connection */
$link = mysqli_init();
mysqli_ssl_set($link, null, null, null, null, RC4-MD5);
if (mysqli_real_connect($link, $host, $user, $pass, $db, $port, null, $flags)) {
$r = $link-query(SHOW STATUS LIKE 'Ssl_cipher');
var_dump($r-fetch_row());
}
Expected result:
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(18) RC4-MD5
}
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(7) RC4-MD5
}
Actual result:
--
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(18) DHE-RSA-AES256-SHA
}
array(2) {
[0]=
string(10) Ssl_cipher
[1]=
string(7) RC4-MD5
}
--
Edit this bug report at https://bugs.php.net/bug.php?id=55283edit=1
