php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #79567 yaml_parse_url assertion
Submitted: 2020-05-05 15:58 UTC Modified: 2020-05-07 04:30 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: anrdaemon at yandex dot ru Assigned: bd808 (profile)
Status: Closed Package: yaml (PECL)
PHP Version: 7.0.8 OS: Windows/64-bit
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: anrdaemon at yandex dot ru
New email:
PHP Version: OS:

 

 [2020-05-05 15:58 UTC] anrdaemon at yandex dot ru 
Description:
------------
Yes a continuation of https://bugs.php.net/bug.php?id=79494

See attached test case.

IMO, it should at least err out if it can't represent the parsed value.

Test script:
---------------
<?php

$data = array (
  'audioEnabled' =>
  array (
    0 => 132317787432502136,
    1 => 0,
  ),
);

var_dump($data);

$yaml = yaml_emit($data);
print $yaml;

$result = yaml_parse($yaml);
var_dump($result);

print "Was the data parsed correctly? ";
print $result == $data ? "Yes!\n" : "No...\n";


Expected result:
----------------
array(1) {
  ["audioEnabled"]=>
  array(2) {
    [0]=>
    int(132317787432502136)
    [1]=>
    int(0)
  }
}
---
audioEnabled:
- 132317787432502136
- 0
...
array(1) {
  ["audioEnabled"]=>
  array(2) {
    [0]=>
    int(132317787432502136)
    [1]=>
    int(0)
  }
}
Was the data parsed correctly? Yes!

Actual result:
--------------
array(1) {
  ["audioEnabled"]=>
  array(2) {
    [0]=>
    int(132317787432502136)
    [1]=>
    int(0)
  }
}
---
audioEnabled:
- 132317787432502136
- 0
...
array(1) {
  ["audioEnabled"]=>
  array(2) {
    [0]=>
    int(2147483647)
    [1]=>
    int(0)
  }
}
Was the data parsed correctly? No...

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-05-06 05:23 UTC] bd808@php.net
-Summary: The 64-bit YAML ext parser uses 32-bit signed integer arithmetics +Summary: yaml_parse_url assertion -Status: Open +Status: Verified -PHP Version: 7.4.5 +PHP Version: 7.0.8 -Assigned To: +Assigned To: bd808
 [2020-05-06 05:23 UTC] bd808@php.net 
detect.c is not using the macros from <Zend/zend_long.h> when converting strings to longs. Instead it is using strtol(3) directly on all platforms.
 [2020-05-06 05:28 UTC] bd808@php.net
-Summary: yaml_parse_url assertion +Summary: Parsing long long values leads to truncation on LLP64 platforms
 [2020-05-06 05:35 UTC] bd808@php.net 
The following pull request has been associated:

Patch Name: Use helpers from Zend to parse strings as numbers
On GitHub:  https://github.com/php/pecl-file_formats-yaml/pull/48
Patch:      https://github.com/php/pecl-file_formats-yaml/pull/48.patch
 [2020-05-07 01:39 UTC] bd808@php.net
-Status: Verified +Status: Closed
 [2020-05-07 01:39 UTC] bd808@php.net 
I have merged a patch for this that will be part of the eventual v2.2.0 release.
 [2020-05-07 03:07 UTC] bd808@php.net
-Status: Closed +Status: Re-Opened
 [2020-05-07 03:07 UTC] bd808@php.net 
TEST 14/73 [C:\projects\yaml\tests\bug_74886.phpt]
========DIFF========
013+     int(2147483647)
013-     int(3735928559)
========DONE========
FAIL Test PECL bug #74886 [C:\projects\yaml\tests\bug_74886.phpt]

Still getting 32-bit truncation on a hex value.
 [2020-05-07 04:30 UTC] bd808@php.net
-Summary: Parsing long long values leads to truncation on LLP64 platforms +Summary: yaml_parse_url assertion -Status: Re-Opened +Status: Closed
 [2020-05-07 04:30 UTC] bd808@php.net 
The bug_74886 failure that I reopened this for is a false positive. That particular failure is happening on an x86 (32bit) runtime. Not much my library can do to make PHP_INT_MAX longer.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 13:01:31 2024 UTC