php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #39661 Crash when imploding null into sprintf
Submitted: 2006-11-28 15:11 UTC Modified: 2006-11-28 16:41 UTC
From: mark at temporal-solutions dot co dot uk Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 5.2.0 OS: Windows XP SP2
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: mark at temporal-solutions dot co dot uk
New email:
PHP Version: OS:

 

 [2006-11-28 15:11 UTC] mark at temporal-solutions dot co dot uk 
Description:
------------
Imploding an array containing a NULL as an argument to sprintf causes php-cgi.exe crash with null pointer read under IIS5.1 w/ Windows XP SP2 Pro.

Reproduce code:
---------------
<?
	$keys = array();
	$keys[] = NULL;
	sprintf('%s', implode(' ', $keys));
?>

Expected result:
----------------
Script execute and produce nothing.

Actual result:
--------------
CGI crash reading memory at 0x000000

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-11-28 15:20 UTC] tony2001@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip
 [2006-11-28 15:28 UTC] mark at temporal-solutions dot co dot uk 
Confirming latest snapshot fixes this error.
 [2006-11-28 16:36 UTC] mark at temporal-solutions dot co dot uk 
Unfortunately this snapshot seems to make all classes passed by value rather than by reference like they were in php4.
 [2006-11-28 16:41 UTC] mark at temporal-solutions dot co dot uk 
Edit: Discard; patching process created conflict in local paths and selected an INI that had the wrong php4 compatability set.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Nov 24 05:01:32 2024 UTC