php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #41032 Backreferences are not escaped properly
Submitted: 2007-04-09 23:07 UTC Modified: 2007-04-10 07:52 UTC
From: phpcoder at cyberpimp dot sexventure dot com Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 5.2.1 OS: Win98SE
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: phpcoder at cyberpimp dot sexventure dot com
New email:
PHP Version: OS:

 

 [2007-04-09 23:07 UTC] phpcoder at cyberpimp dot sexventure dot com 
Description:
------------
According to the documentation for preg_replace(), double-quotes, apostrophes/single-quotes, backslashes, and nulls are supposed to be returned escaped.  However, only double-quotes and nulls are escaped; apostrophes/single-quotes and backslashes are returned in their original context.

Reproduce code:
---------------
<?php
header('Content-Type: text/plain; charset=US-ASCII');
$inputstring="'\"\0\\";
echo preg_replace('/([\\x00-\\xFF])/e',"strlen('$1').' chars returned ($1)'.\"\r\n\"",$inputstring);
?>


Expected result:
----------------
2 chars returned (\')
2 chars returned (\")
2 chars returned (\0)
2 chars returned (\\)


Actual result:
--------------
1 chars returned (')
2 chars returned (\")
2 chars returned (\0)
1 chars returned (\)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-04-10 07:52 UTC] tony2001@php.net 
The documentation is correct:

var_dump('\''); - 1 char
var_dump('\"'); - 2 chars
var_dump('\0'); - 2 chars
var_dump('\\'); - 1 char
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Nov 08 12:00:02 2025 UTC