#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410
User updated by: thomas dot werner at mac dot com
Reported By: thomas dot werner at mac dot com
Status: Open
Bug Type: WDDX related
Operating System: Linux / MacOSX
PHP Version: 4.4.1
New Comment:
what does it mean? a bug or a new "feature"? feature because
you wrote "the behaviour changed" ...
Previous Comments:
[2005-11-26 18:55:20] [EMAIL PROTECTED]
I looked into this a bit deeper and it appears that the behaviour
changed when fixing #34068. The patch can be seen at
http://cvs.php.net/diff.php/php-src/ext/wddx/wddx.c?ws=0&r1=1.119&r2=1.120&ty=u.
[2005-11-26 18:32:57] thomas dot werner at mac dot com
PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same
like 4.4.0. I guess, this behavior beguns with the "fast"
fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but
i'm not shure, or another fix introduced in 4.4.1. maybe the
xml-parser thinks, oh its a number, not a string and convert
it to integer, but its out of range... i know only, my php-app
worked over years :o)
[2005-11-26 18:11:43] [EMAIL PROTECTED]
PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the
following results that are again different from the 4.4.1 and 4.4.0
results:
array(1) {
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[-2147483648]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
}
[2005-11-26 17:11:23] thomas dot werner at mac dot com
Description:
I have a wddx file:
***
Content Configuration File
10
4
desc
and load it with the function "wddx_deserialize" in $config.
var_dump outputs different arrays in php-4.4.0 and
php-4.4.1.
["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are
not the same (string vs. int).
i used exact the same configuration for compiling and
checked it with debian sarge on linux and macosx too.
cheers tom
Reproduce code:
---
[...]
if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) {
return false;
}
while ( !feof( $filepointer) ) {
$data .= fgets( $filepointer, 4096 );
}
fclose( $filepointer );
if ( $data ) {
$config = wddx_deserialize( $data );
[...]
Expected result:
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["113301888545229100"]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
[...]
Actual result:
--
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[2147483647]=>
[...]
2147483647 is not right...
--
Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410
Updated by: [EMAIL PROTECTED]
Reported By: thomas dot werner at mac dot com
Status: Open
Bug Type: WDDX related
Operating System: Linux / MacOSX
PHP Version: 4.4.1
New Comment:
I looked into this a bit deeper and it appears that the behaviour
changed when fixing #34068. The patch can be seen at
http://cvs.php.net/diff.php/php-src/ext/wddx/wddx.c?ws=0&r1=1.119&r2=1.120&ty=u.
Previous Comments:
[2005-11-26 18:32:57] thomas dot werner at mac dot com
PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same
like 4.4.0. I guess, this behavior beguns with the "fast"
fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but
i'm not shure, or another fix introduced in 4.4.1. maybe the
xml-parser thinks, oh its a number, not a string and convert
it to integer, but its out of range... i know only, my php-app
worked over years :o)
[2005-11-26 18:11:43] [EMAIL PROTECTED]
PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the
following results that are again different from the 4.4.1 and 4.4.0
results:
array(1) {
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[-2147483648]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
}
[2005-11-26 17:11:23] thomas dot werner at mac dot com
Description:
I have a wddx file:
***
Content Configuration File
10
4
desc
and load it with the function "wddx_deserialize" in $config.
var_dump outputs different arrays in php-4.4.0 and
php-4.4.1.
["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are
not the same (string vs. int).
i used exact the same configuration for compiling and
checked it with debian sarge on linux and macosx too.
cheers tom
Reproduce code:
---
[...]
if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) {
return false;
}
while ( !feof( $filepointer) ) {
$data .= fgets( $filepointer, 4096 );
}
fclose( $filepointer );
if ( $data ) {
$config = wddx_deserialize( $data );
[...]
Expected result:
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["113301888545229100"]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
[...]
Actual result:
--
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[2147483647]=>
[...]
2147483647 is not right...
--
Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410
User updated by: thomas dot werner at mac dot com
Reported By: thomas dot werner at mac dot com
Status: Open
Bug Type: WDDX related
Operating System: Linux / MacOSX
PHP Version: 4.4.1
New Comment:
PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same
like 4.4.0. I guess, this behavior beguns with the "fast"
fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but
i'm not shure, or another fix introduced in 4.4.1. maybe the
xml-parser thinks, oh its a number, not a string and convert
it to integer, but its out of range... i know only, my php-app
worked over years :o)
Previous Comments:
[2005-11-26 18:11:43] [EMAIL PROTECTED]
PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the
following results that are again different from the 4.4.1 and 4.4.0
results:
array(1) {
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[-2147483648]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
}
[2005-11-26 17:11:23] thomas dot werner at mac dot com
Description:
I have a wddx file:
***
Content Configuration File
10
4
desc
and load it with the function "wddx_deserialize" in $config.
var_dump outputs different arrays in php-4.4.0 and
php-4.4.1.
["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are
not the same (string vs. int).
i used exact the same configuration for compiling and
checked it with debian sarge on linux and macosx too.
cheers tom
Reproduce code:
---
[...]
if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) {
return false;
}
while ( !feof( $filepointer) ) {
$data .= fgets( $filepointer, 4096 );
}
fclose( $filepointer );
if ( $data ) {
$config = wddx_deserialize( $data );
[...]
Expected result:
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["113301888545229100"]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
[...]
Actual result:
--
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[2147483647]=>
[...]
2147483647 is not right...
--
Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410
Updated by: [EMAIL PROTECTED]
Reported By: thomas dot werner at mac dot com
Status: Open
Bug Type: WDDX related
Operating System: Linux / MacOSX
PHP Version: 4.4.1
New Comment:
PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the
following results that are again different from the 4.4.1 and 4.4.0
results:
array(1) {
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[-2147483648]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
}
Previous Comments:
[2005-11-26 17:11:23] thomas dot werner at mac dot com
Description:
I have a wddx file:
***
Content Configuration File
10
4
desc
and load it with the function "wddx_deserialize" in $config.
var_dump outputs different arrays in php-4.4.0 and
php-4.4.1.
["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are
not the same (string vs. int).
i used exact the same configuration for compiling and
checked it with debian sarge on linux and macosx too.
cheers tom
Reproduce code:
---
[...]
if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) {
return false;
}
while ( !feof( $filepointer) ) {
$data .= fgets( $filepointer, 4096 );
}
fclose( $filepointer );
if ( $data ) {
$config = wddx_deserialize( $data );
[...]
Expected result:
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["113301888545229100"]=>
array(3) {
["max"]=>
int(10)
["cache"]=>
int(4)
["order"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
["CMS_BUILD"]=>
string(4) "desc"
}
}
}
}
}
[...]
Actual result:
--
[...]
["content_queries"]=>
array(1) {
["content_113300831086270200"]=>
array(1) {
[2147483647]=>
[...]
2147483647 is not right...
--
Edit this bug report at http://bugs.php.net/?id=35410&edit=1
