php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #64889 printf inconsistent parsing format string
Submitted: 2013-05-21 15:21 UTC Modified: 2013-07-21 18:41 UTC
From: xoneca+phpbugs at gmail dot com Assigned:
Status: Not a bug Package: Scripting Engine problem
PHP Version: 5.4.15 OS: Linux 2.6.32-46-generic
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: xoneca+phpbugs at gmail dot com
New email:
PHP Version: OS:

 

 [2013-05-21 15:21 UTC] xoneca+phpbugs at gmail dot com 
Description:
------------
`printf` is inconsistent parsing the format string. Sometimes it throws a warning, and sometimes does not.

`printf` doesn't seem to like very much single `%` chars and gets crazy.

Depending on the arguments number, it will print something, or nothing.

Test script:
---------------
printf( '% % % %'); // or echo sprintf(...);
printf( '% % % %', 10);
printf( '% % % %', 10, 20);
printf( '% % % %', 10, 20, 30);
printf( '% % % %', 10, 20, 30, 40);
printf( '% % % %', 10, 20, 30, 40, 50);
// Another example:
printf( '% ## %d ## % ## %d ## %d', 10, 20, 30, 40, 50);


Expected result:
----------------
Throwing a warning at each call, or none at all. But not only sometimes.

Actual result:
--------------
php > printf( '% % % %');
PHP Warning:  printf(): Too few arguments in php shell code on line 1
php > printf( '% % % %', 10);
PHP Warning:  printf(): Too few arguments in php shell code on line 1
php > printf( '% % % %', 10, 20);
% %
php > printf( '% % % %', 10, 20, 30);
% %
php > printf( '% % % %', 10, 20, 30, 40);
% %
php > printf( '% % % %', 10, 20, 30, 40, 50);
% %
php > // Another example:
php > echo sprintf( '% ## %d ## % ## %d ## %d', 10, 20, 30, 40, 50);
# 20 ## # 40 ## 50

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-05-21 16:01 UTC] xoneca+phpbugs at gmail dot com 
Tested on latest stable and the result was the same.
 [2013-05-21 16:01 UTC] xoneca+phpbugs at gmail dot com
-PHP Version: 5.3.25 +PHP Version: 5.4.15
 [2013-07-21 17:55 UTC] arpad@php.net
-Status: Open +Status: Not a bug
 [2013-07-21 17:55 UTC] arpad@php.net 
As documented, use %% to represent a literal % in the format string.
 [2013-07-21 18:41 UTC] xoneca+phpbugs at gmail dot com 
I know '%' never should be used alone. I just found out that I mistakenly dropped the following letter and PHP just didn't complain. When I realized that, I started doing more tests.

I think PHP should throw a warning or something if it finds any non-escaped '%'.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat May 03 14:01:30 2025 UTC