PHP :: Bug #78692 :: define() and defined() not behaving correctly on Windows 10

Bug #78692

define() and defined() not behaving correctly on Windows 10

Submitted:

2019-10-18 15:27 UTC

Modified:

2020-08-02 04:22 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

security at paragonie dot com

Assigned:

cmb (profile)

Status:

No Feedback

Package:

*General Issues

PHP Version:

7.2.15

OS:

Windows

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	security at paragonie dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2019-10-18 15:27 UTC] security at paragonie dot com

Description:
------------
Found upstream: https://github.com/paragonie/sodium_compat/issues/99

Apparently, when someone installs paragonie/certainty on a specific Windows setup (according to the user, they are using "Win10 Enterprise 1809 and PHP 7.2.15 x64 NTS"), with sodium_compat 1.11.1, they were getting notices.

This _may_ be related to https://bugs.php.net/bug.php?id=77621 (not guaranteed), but I'm having a frustrating time trying to reproduce this behavior (and failing every time).

In the offchance that there is a Windows bug here (I assumed a race condition with the autoloader, but that doesn't seem to be the cause), I wanted to make sure it's reported upstream.

Test script:
---------------
Add this to composer.json on the described environment:

"require": {
    "paragonie/certainty": "^2",
    "paragonie/sodium_compat": "1.11.1"
}

Then run `composer install`. Then run this:

<?php
use ParagonIE\Certainty\RemoteFetch;

$fetcher = new RemoteFetch('/path/to/certainty/data');
$latestCACertBundle = $fetcher->getLatestBundle();

$ch = curl_init('https://secure.php.net');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CAINFO, $latestCACertBundle->getFilePath());

If you get a bunch of E_WARNING errors, congratulations! You've reproduced it.

Expected result:
----------------
No output.

Actual result:
--------------
Lots of warnings that look like

PHP Warning:  constant(): Couldn't find constant ParagonIE_Sodium_Compat::CONSTANT_NAME in C:\htdocs\www\testing\vendor\paragonie\sodium_compat\lib\php72compat.php on line 91

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-10-19 12:05 UTC] cmb@php.net

-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb

[2019-10-19 12:05 UTC] cmb@php.net

This is somewhat unlikely a Windows 10 specific issue.  Anyhow,
about which PHP version is it?  You've specified 7.3.10 in the
header, but stating the issue occured with 7.2.15.

[2019-10-19 13:53 UTC] security at paragonie dot com

-Status: Feedback +Status: Assigned -PHP Version: 7.3.10 +PHP Version: 7.2.15

[2019-10-19 13:53 UTC] security at paragonie dot com

Corrected.

[2019-10-19 14:25 UTC] cmb@php.net

-Status: Assigned +Status: Feedback

[2019-10-19 14:25 UTC] cmb@php.net

Thanks!  Did upgrading to any more recent PHP 7.2 solve the issue?

[2019-10-19 14:33 UTC] security at paragonie dot com

-Status: Feedback +Status: Assigned

[2019-10-19 14:33 UTC] security at paragonie dot com

I have no earthly clue.

As I said in my first post, I'm just the messenger. Someone else had the problem, and I couldn't reproduce it at all. My Windows environment "just works".

I was simply reporting this in the hopes that someone from Internals would succeed in reproducing the failure where I did not.

If it turns out to be an old bug, cool, then the responsibility falls on the Windows users to upgrade to later versions of PHP and we can "CLOSED WONTFIX" any complaints they levy against 7.2.15.

If it turns out to be a new bug, great, now we can fix it. :)

But I laid all my cards on the table in my first comment.

[2019-10-19 15:11 UTC] bugrports at gmail dot com

people *really* should refrain from wasting others time by reporting bugs for versions like 7.2.15 when 7.2.23 is out for weeks

what is the point of not first update any software with problems to the latest stable version and look if the problem goes away?

[2019-10-19 15:24 UTC] security at paragonie dot com

> bugrports at gmail dot com:
>
> people *really* should refrain from wasting others time by reporting bugs for versions like 7.2.15 when 7.2.23 is out for weeks

Making sure that upstream projects have a ticket onhand for behavior reported in downstream projects (and taking care to make this clear in my bug report) is considered a "wasting others time" now? TIL.

[2019-10-19 15:30 UTC] bugreports at gmail dot com

> Making sure that upstream projects have a ticket onhand 
> for behavior reported in downstream projects

in case when you simply can try if the problem still exists for sure because if it no longer exists there likely was already a ticket long ago which was solved 

* you startet even with the wrong major version
* pointed out
* fixed
* Did upgrading to any more recent PHP 7.2 solve the issue?

and here we are now instead doing your homework by just try the latest version and if that donät fix the problem and you correctly report for 5.2.23 from the begin 4 upstream actions could have been saved or probably the problem is gone away at all in the meantime

[2019-10-19 15:46 UTC] security at paragonie dot com

> and here we are now instead doing your homework by just try the latest version and if that donät fix the problem and you correctly report for 5.2.23 from the begin 4 upstream actions could have been saved or probably the problem is gone away at all in the meantime

You aren't doing my homework.

I literally reported this out of due diligence. You don't have to do anything with this information.

If you still consider this a "waste" of YOUR time, stop participating in this thread and let someone with more {patience, capacity to understand human communication and context} handle this instead.

I'm sorry you don't see the value in communicating information. It's not even assigned to you anyway.

[2019-10-20 08:56 UTC] cmb@php.net

-Status: Assigned +Status: Open -Assigned To: cmb +Assigned To:

[2019-10-20 08:56 UTC] cmb@php.net

I cannot reproduce this with the described setup and PHP 7.2.15
NTS x64.  Maybe someone else can.

[2020-07-23 07:43 UTC] cmb@php.net

-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb

[2020-07-23 07:43 UTC] cmb@php.net

Can anybody reproduce this with any of the actively supported PHP
versions[1]?

[1] <https://www.php.net/supported-versions.php>

[2020-08-02 04:22 UTC] php-bugs at lists dot php dot net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Oct 29 22:00:02 2025 UTC