php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #28597 Wrong numeric entities convertion in xmlrpc_encode_request
Submitted: 2004-06-01 01:55 UTC Modified: 2004-06-01 22:16 UTC
From: fernando dot nemec at folha dot com dot br Assigned:
Status: Closed Package: XMLRPC-EPI related
PHP Version: 4.3.6 OS: Linux 2.4
Private report: No CVE-ID: None
 [2004-06-01 01:55 UTC] fernando dot nemec at folha dot com dot br
Description:
------------
In special circunstances, the funcion xmlrpc_encode_request may do wrong numeric entities convertions. 

This occur when the escaping is set to "non-ascii" (this is on by default) and when the xml data has any caracter which ascii code % 10 < 10 (ex: 202,203,204, so on). 

Reproduce code:
---------------
$request_xml = xmlrpc_encode_request( "method" , Array( "?emec" ) , Array( "version" => "xmlrpc" ) ) ;
print( $request_xml ) ;


Expected result:
----------------
<?xml version="1.0" encoding="iso-8859-1"?>
<methodCall>
<methodName>teste</methodName>
<params>
 <param>
  <value>
   <string>&#209;emec</string>
  </value>
 </param>
</params>
</methodCall>


Actual result:
--------------
<?xml version="1.0" encoding="iso-8859-1"?>
<methodCall>
<methodName>teste</methodName>
<params>
 <param>
  <value>
   <string>&#29;emec</string>
  </value>
 </param>
</params>
</methodCall>


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-06-01 02:04 UTC] fernando dot nemec at folha dot com dot br
Actually, I have made a patch for this issue, but Im not sure for who I must send it. 

So, the URL with a udiff is:

http://ls.homelinux.net/~fnemec/xml_element.c.diff

Thanks,

Nemec
 [2004-06-01 08:17 UTC] derick@php.net
Please send the patch to internals@php.net referring to this bugreport (and a simple analysis describing why the current code is wrong).
 [2004-06-01 16:35 UTC] fernando dot nemec at folha dot com dot br
Derick,

My mail server says such account doesn't exist. 

<internals@php.net>:
69.28.246.234 does not like recipient.
Remote host said: 550 no such account
Giving up on 69.28.246.234.

Nemec
 [2004-06-01 16:46 UTC] derick@php.net
internals@lists.php.net then...
 [2004-06-01 22:16 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 08:01:27 2024 UTC