From: jdolecek at NetBSD dot org Operating system: Any PHP version: 5.1.4 PHP Bug Type: WDDX related Bug description: WDDX bad character encoding
Description: ------------ WDDX serializes control charactes using a <char code="XX"/> construct, However, the code contains sign extension bug, and on platforms with signed char the result XX contains incorrect (sign-extended) code. This affects e.g. UTF8-encoded non-ASCII text, which can contain characters in 128-160 range. Fix: --- wddx.c.orig 2006-05-23 23:58:54.000000000 +0200 +++ wddx.c @@ -401,7 +401,7 @@ static void php_wddx_serialize_string(wd default: if (iscntrl((int)*(unsigned char *)p)) { FLUSH_BUF(); - sprintf(control_buf, WDDX_CHAR, *p); + sprintf(control_buf, WDDX_CHAR, (int)*(unsigned char *)p); php_wddx_add_chunk(packet, control_buf); } else buf[l++] = *p; Reproduce code: --------------- On UNIX with iso-8859-1 locale: echo wddx_serialize_value(chr(1))."\n"; echo wddx_serialize_value(chr(128))."\n"; Expected result: ---------------- <wddxPacket version='1.0'><header/><data><string><char code='01'/></string></data></wddxPacket> <wddxPacket version='1.0'><header/><data><string><char code='80'/></string></data></wddxPacket> Actual result: -------------- <wddxPacket version='1.0'><header/><data><string><char code='01'/></string></data></wddxPacket> <wddxPacket version='1.0'><header/><data><string><char code='FFFFFF80'/></string></data></wddxPacket> -- Edit bug report at http://bugs.php.net/?id=37569&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=37569&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=37569&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=37569&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=37569&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=37569&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=37569&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=37569&r=needscript Try newer version: http://bugs.php.net/fix.php?id=37569&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=37569&r=support Expected behavior: http://bugs.php.net/fix.php?id=37569&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=37569&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=37569&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=37569&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=37569&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=37569&r=dst IIS Stability: http://bugs.php.net/fix.php?id=37569&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=37569&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=37569&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=37569&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=37569&r=mysqlcfg