php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #34931 Problem maintaining membeprivacy while returning private member array variable.
Submitted: 2005-10-20 15:21 UTC Modified: 2005-10-21 16:11 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: feralcab at gmail dot com Assigned:
Status: Not a bug Package: Arrays related
PHP Version: 5.0.5 OS: FreeBSD 5.4
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: feralcab at gmail dot com
New email:
PHP Version: OS:

 

 [2005-10-20 15:21 UTC] feralcab at gmail dot com 
Description:
------------
When an object contains an array of other objects 
as a private member variable, if the array is 
returned through a member method, instead of a 
copy a reference to the private array is returned. 
Through this reference the member variable can be
modified outside of the object's scope. Thus, violating the private member variable state.

Reproduce code:
---------------
class Atom {
  private $x = 0;  
  public function __construct($x) {$this->x = $x;}
  public function setX($x)        {$this->x = $x;} 
}
class Element {
  private $atoms = array();  
  public function __construct($NMAX) {
    for ($i=0; $i<$NMAX; ++$i) 
      $this->atoms[] = new Atom($i);
  }
  public function setAtoms($atoms) {$this->atoms = $atoms;}
  public function getAtoms()       {return $this->atoms;} 
}
$element = new Element(3); 
$v = $element->getAtoms(); print_r($v); 
$v[0]->setX(79);           print_r($v);
$w = $element->getAtoms(); print_r($w);

Expected result:
----------------
Array
(
    [0] => Atom Object
        (
            [x:private] => 0
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)
Array
(
    [0] => Atom Object
        (
            [x:private] => 79
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)
Array
(
    [0] => Atom Object
        (
            [x:private] => 0
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)


Actual result:
--------------
Array
(
    [0] => Atom Object
        (
            [x:private] => 0
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)
Array
(
    [0] => Atom Object
        (
            [x:private] => 79
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)
Array
(
    [0] => Atom Object
        (
            [x:private] => 79
        )

    [1] => Atom Object
        (
            [x:private] => 1
        )

    [2] => Atom Object
        (
            [x:private] => 2
        )

)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-20 15:29 UTC] tony2001@php.net 
Yes, objects are always references in PHP5.
http://www.php.net/manual/en/migration5.oop.php
 [2005-10-20 16:50 UTC] feralcab at gmail dot com 
I see, but shouldn't PHP be smart
enough to know that when it returns an object's reference
which belongs to another object as a private data member, 
the data referenced should not be tampered with from outside the owner's scope? Thank you for your time.
 [2005-10-21 12:07 UTC] feralcab at gmail dot com 
no comment
 [2005-10-21 12:16 UTC] tony2001@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Did you read my answer?
 [2005-10-21 16:11 UTC] feralcab at gmail dot com 
Hi again, yes I read the link that you pointed out, and I understand now that it is a design choice. I also read the http://bugs.php.net/how-to-report.php site before reporting what I thought was a bug, when in fact it is expected behavior. I just came to think seeing how most (if not all) C++ compilers along with Java run-time envs behave, that an object's private data members, whether accessed by value or reference should only be accessible within the object's scope. Thanks for your time.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Jul 18 18:00:02 2025 UTC