#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410 User updated by: thomas dot werner at mac dot com Reported By: thomas dot werner at mac dot com Status: Open Bug Type: WDDX related Operating System: Linux / MacOSX PHP Version: 4.4.1 New Comment: what does it mean? a bug or a new "feature"? feature because you wrote "the behaviour changed" ... Previous Comments: [2005-11-26 18:55:20] [EMAIL PROTECTED] I looked into this a bit deeper and it appears that the behaviour changed when fixing #34068. The patch can be seen at http://cvs.php.net/diff.php/php-src/ext/wddx/wddx.c?ws=0&r1=1.119&r2=1.120&ty=u. [2005-11-26 18:32:57] thomas dot werner at mac dot com PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same like 4.4.0. I guess, this behavior beguns with the "fast" fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but i'm not shure, or another fix introduced in 4.4.1. maybe the xml-parser thinks, oh its a number, not a string and convert it to integer, but its out of range... i know only, my php-app worked over years :o) [2005-11-26 18:11:43] [EMAIL PROTECTED] PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the following results that are again different from the 4.4.1 and 4.4.0 results: array(1) { ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [-2147483648]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } } [2005-11-26 17:11:23] thomas dot werner at mac dot com Description: I have a wddx file: *** Content Configuration File 10 4 desc and load it with the function "wddx_deserialize" in $config. var_dump outputs different arrays in php-4.4.0 and php-4.4.1. ["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are not the same (string vs. int). i used exact the same configuration for compiling and checked it with debian sarge on linux and macosx too. cheers tom Reproduce code: --- [...] if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) { return false; } while ( !feof( $filepointer) ) { $data .= fgets( $filepointer, 4096 ); } fclose( $filepointer ); if ( $data ) { $config = wddx_deserialize( $data ); [...] Expected result: [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["113301888545229100"]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } [...] Actual result: -- [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [2147483647]=> [...] 2147483647 is not right... -- Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410 Updated by: [EMAIL PROTECTED] Reported By: thomas dot werner at mac dot com Status: Open Bug Type: WDDX related Operating System: Linux / MacOSX PHP Version: 4.4.1 New Comment: I looked into this a bit deeper and it appears that the behaviour changed when fixing #34068. The patch can be seen at http://cvs.php.net/diff.php/php-src/ext/wddx/wddx.c?ws=0&r1=1.119&r2=1.120&ty=u. Previous Comments: [2005-11-26 18:32:57] thomas dot werner at mac dot com PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same like 4.4.0. I guess, this behavior beguns with the "fast" fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but i'm not shure, or another fix introduced in 4.4.1. maybe the xml-parser thinks, oh its a number, not a string and convert it to integer, but its out of range... i know only, my php-app worked over years :o) [2005-11-26 18:11:43] [EMAIL PROTECTED] PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the following results that are again different from the 4.4.1 and 4.4.0 results: array(1) { ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [-2147483648]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } } [2005-11-26 17:11:23] thomas dot werner at mac dot com Description: I have a wddx file: *** Content Configuration File 10 4 desc and load it with the function "wddx_deserialize" in $config. var_dump outputs different arrays in php-4.4.0 and php-4.4.1. ["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are not the same (string vs. int). i used exact the same configuration for compiling and checked it with debian sarge on linux and macosx too. cheers tom Reproduce code: --- [...] if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) { return false; } while ( !feof( $filepointer) ) { $data .= fgets( $filepointer, 4096 ); } fclose( $filepointer ); if ( $data ) { $config = wddx_deserialize( $data ); [...] Expected result: [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["113301888545229100"]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } [...] Actual result: -- [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [2147483647]=> [...] 2147483647 is not right... -- Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410 User updated by: thomas dot werner at mac dot com Reported By: thomas dot werner at mac dot com Status: Open Bug Type: WDDX related Operating System: Linux / MacOSX PHP Version: 4.4.1 New Comment: PHP 5.0.4/5.0.5 on mac and 5.0.5 on linux outputs the same like 4.4.0. I guess, this behavior beguns with the "fast" fixes of PHP file-upload/$GLOBALS overwrite vulnerability, but i'm not shure, or another fix introduced in 4.4.1. maybe the xml-parser thinks, oh its a number, not a string and convert it to integer, but its out of range... i know only, my php-app worked over years :o) Previous Comments: [2005-11-26 18:11:43] [EMAIL PROTECTED] PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the following results that are again different from the 4.4.1 and 4.4.0 results: array(1) { ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [-2147483648]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } } [2005-11-26 17:11:23] thomas dot werner at mac dot com Description: I have a wddx file: *** Content Configuration File 10 4 desc and load it with the function "wddx_deserialize" in $config. var_dump outputs different arrays in php-4.4.0 and php-4.4.1. ["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are not the same (string vs. int). i used exact the same configuration for compiling and checked it with debian sarge on linux and macosx too. cheers tom Reproduce code: --- [...] if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) { return false; } while ( !feof( $filepointer) ) { $data .= fgets( $filepointer, 4096 ); } fclose( $filepointer ); if ( $data ) { $config = wddx_deserialize( $data ); [...] Expected result: [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["113301888545229100"]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } [...] Actual result: -- [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [2147483647]=> [...] 2147483647 is not right... -- Edit this bug report at http://bugs.php.net/?id=35410&edit=1
#35410 [Opn]: Strange behavior of function "wddx_deserialize"
ID: 35410 Updated by: [EMAIL PROTECTED] Reported By: thomas dot werner at mac dot com Status: Open Bug Type: WDDX related Operating System: Linux / MacOSX PHP Version: 4.4.1 New Comment: PHP 5.1.0 on Linux compiled with ./configure --enable-wddx gives me the following results that are again different from the 4.4.1 and 4.4.0 results: array(1) { ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [-2147483648]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } } Previous Comments: [2005-11-26 17:11:23] thomas dot werner at mac dot com Description: I have a wddx file: *** Content Configuration File 10 4 desc and load it with the function "wddx_deserialize" in $config. var_dump outputs different arrays in php-4.4.0 and php-4.4.1. ["113301888545229100"] (4.4.0) and [2147483647] (4.4.1) are not the same (string vs. int). i used exact the same configuration for compiling and checked it with debian sarge on linux and macosx too. cheers tom Reproduce code: --- [...] if ( !( $filepointer = @fopen( $filename, 'r' ) ) ) { return false; } while ( !feof( $filepointer) ) { $data .= fgets( $filepointer, 4096 ); } fclose( $filepointer ); if ( $data ) { $config = wddx_deserialize( $data ); [...] Expected result: [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["113301888545229100"]=> array(3) { ["max"]=> int(10) ["cache"]=> int(4) ["order"]=> array(1) { ["content_113300831086270200"]=> array(1) { ["CMS_BUILD"]=> string(4) "desc" } } } } } [...] Actual result: -- [...] ["content_queries"]=> array(1) { ["content_113300831086270200"]=> array(1) { [2147483647]=> [...] 2147483647 is not right... -- Edit this bug report at http://bugs.php.net/?id=35410&edit=1