php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #61740 base_convert skips over out-of-range or unknown characters
Submitted: 2012-04-15 21:44 UTC Modified: 2019-07-11 20:34 UTC
Votes:2
Avg. Score:3.5 ± 0.5
Reproduced:2 of 2 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (50.0%)
From: hholzgra@php.net Assigned: nikic (profile)
Status: Closed Package: Math related
PHP Version: master-Git-2012-04-15 (Git) OS: linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: hholzgra@php.net
New email:
PHP Version: OS:

 

 [2012-04-15 21:44 UTC] hholzgra@php.net 
Description:
------------
e.g. base_convert(101,10,10) and base_convert(10.1,10,10) return the same result as the decimal dot character is simply ignored/skipped over
(found in the user notes on base_convert() in the manual)

Test script:
---------------
echo base_convert("10@23",10,10);

Expected result:
----------------
10 // or an error

Actual result:
--------------
1023

Patches

base-convert-notice (last revision 2016-06-30 12:10 UTC by cmb@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-06-30 11:35 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2016-06-30 11:35 UTC] cmb@php.net 
Confirmed: <https://3v4l.org/kqOBk>. Apparently, *any* invalid
characters in $number are silently ignored.
 [2016-06-30 11:43 UTC] cmb@php.net 
Automatic comment from SVN on behalf of cmb
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=339532
Log: Address #61740: base_convert skips over out-of-range or unknown characters
 [2016-06-30 12:10 UTC] cmb@php.net 
The following patch has been added/updated:

Patch Name: base-convert-notice
Revision:   1467288606
URL:        https://bugs.php.net/patch-display.php?bug=61740&patch=base-convert-notice&revision=1467288606
 [2016-06-30 12:12 UTC] cmb@php.net 
While fixing this issue is trivial (for instance, the attached
patch base-convert-notice would raise E_NOTICE, but continue
processing), it would cause BC break: I got 9 failing PHPTs and
maybe even worse, _php_math_basetozval() is declared as PHP_API.
 [2019-07-11 20:23 UTC] Scott at exussum dot co dot uk 
This has been fixed in PHP 7.4
 [2019-07-11 20:34 UTC] nikic@php.net
-Status: Verified +Status: Closed -Assigned To: +Assigned To: nikic
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Nov 26 00:01:32 2024 UTC