php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77454 mb_scrub() silently truncates after a null byte
Submitted: 2019-01-13 16:27 UTC Modified: 2019-01-14 09:07 UTC
From: 64796c6e69 at gmail dot com Assigned: nikic (profile)
Status: Closed Package: mbstring related
PHP Version: master-Git-2019-01-13 (Git) OS: any
Private report: No CVE-ID: None
 [2019-01-13 16:27 UTC] 64796c6e69 at gmail dot com
Description:
------------
mb_scrub() silently truncates anything after a null byte in a string.

This bug has existed since the function was created.

The arguments are read correctly, but the returned value ignores the length:
https://github.com/php/php-src/blob/30668755b64aa732246d952451f89d1fcfe581f0/ext/mbstring/mbstring.c#L4990

Test script:
---------------
<?php
$str = "before\0after";
var_dump(mb_scrub($str, 'latin1'));
var_dump(mb_scrub($str, 'utf-8'));
var_dump(mb_scrub($str, 'ascii'));

Expected result:
----------------
There should be a null byte in each of these.

string(12) "beforeafter"
string(12) "beforeafter"
string(12) "beforeafter"

Actual result:
--------------
string(6) "before"
string(6) "before"
string(6) "before"

Patches

mb_scrub.patch (last revision 2019-01-13 16:27 UTC by 64796c6e69 at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-01-13 16:31 UTC] 64796c6e69 at gmail dot com
-Operating System: Linux +Operating System: any
 [2019-01-13 16:31 UTC] 64796c6e69 at gmail dot com
Updating OS.
 [2019-01-13 16:36 UTC] stas@php.net
-Type: Security +Type: Bug
 [2019-01-14 09:07 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2019-01-14 09:24 UTC] nikic@php.net
Automatic comment on behalf of nikita.ppv@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=3ad0ebdf5cdc6dbe077685907d012eaeac7ea6e4
Log: Fixed bug #77454
 [2019-01-14 09:24 UTC] nikic@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 05:01:28 2024 UTC