php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #38839 wddx_serialize_value() broken in 4.4.3 and greater.
Submitted: 2006-09-15 09:56 UTC Modified: 2010-12-20 12:18 UTC
From: rob at choralone dot org Assigned: jani (profile)
Status: Closed Package: WDDX related
PHP Version: 4.4.4 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: rob at choralone dot org
New email:
PHP Version: OS:

 

 [2006-09-15 09:56 UTC] rob at choralone dot org 
Description:
------------
wddx_serialize_value() produces bad wddx data when serializing an associative array.

This first started happening with PHP 4.4.3, so I suspect the fix for bug #37569 (WDDX incorrectly encodes high-ascii characters) probably broke it.

Reproduce code:
---------------
<?php
$data = array('foo' => 'bar');
print(wddx_serialize_value($data));
?>

Expected result:
----------------
<wddxPacket version='1.0'><header/><data><struct><var name='foo'><string>bar</string></var></struct></data></wddxPacket>

run through xml tidy to make it readable:

<wddxPacket version='1.0'>
  <header/>
  <data>
    <struct>
      <var name='foo'>
        <string>bar</string>
      </var>
    </struct>
  </data>
</wddxPacket>

Actual result:
--------------
<wddxPacket version='1.0'><header/><data><struct><va<string>bar</string></var></struct></data></wddxPacket>

run through xml tidy to make it readable:

<wddxPacket version='1.0'>
  <header/>
  <data>
    <struct>
      <va<string>bar</string></var>
    </struct>
  </data>
</wddxPacket>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-09-15 10:04 UTC] tony2001@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2006-09-15 10:40 UTC] rob at choralone dot org 
Yes, that's fixed it - thank you.

For anyone else interested, this is the patch I'm bundling in our company RPM build of php 4.4.4 that fixes the issue:

--- php-4.4.4/ext/wddx/wddx.c   2006-05-26 02:55:26.000000000 +0100
+++ php-4.4.4/ext/wddx/wddx-new.c       2006-08-24 09:32:37.000000000 +0100
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */

-/* $Id: wddx.c,v 1.96.2.6.2.7 2006/05/26 01:55:26 iliaa Exp $ */
+/* $Id: wddx.c,v 1.96.2.6.2.8 2006/08/24 08:30:28 tony2001 Exp $ */

 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -432,7 +432,7 @@
        tmp = *var;
        zval_copy_ctor(&tmp);
        convert_to_string(&tmp);
-       snprintf(tmp_buf, Z_STRLEN(tmp), WDDX_NUMBER, Z_STRVAL(tmp));
+       snprintf(tmp_buf, sizeof(tmp_buf), WDDX_NUMBER, Z_STRVAL(tmp));
        zval_dtor(&tmp);

        php_wddx_add_chunk(packet, tmp_buf);
@@ -630,8 +630,8 @@

        if (name) {
                name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES, NULL TSRMLS_CC);
-               tmp_buf = emalloc(name_esc_len + 1);
-               snprintf(tmp_buf, name_esc_len, WDDX_VAR_S, name_esc);
+               tmp_buf = emalloc(name_esc_len + sizeof(WDDX_VAR_S));
+               snprintf(tmp_buf, name_esc_len + sizeof(WDDX_VAR_S), WDDX_VAR_S, name_esc);
                php_wddx_add_chunk(packet, tmp_buf);
                efree(tmp_buf);
                efree(name_esc);
 [2006-09-15 11:04 UTC] tony2001@php.net 
Great, thanks.
 [2010-12-20 12:18 UTC] jani@php.net
-Package: Tidy +Package: WDDX related -Assigned To: +Assigned To: jani
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Tue Nov 04 20:00:01 2025 UTC