PHP :: Bug #17963 :: multipart/form-data post error

Bug #17963

multipart/form-data post error

Submitted:

2002-06-25 04:32 UTC

Modified:

2002-07-10 23:27 UTC

Votes:	2
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

nvqtq at naver dot com

Assigned:

Status:

Closed

Package:

cURL related

PHP Version:

4.2.1

OS:

all

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	nvqtq at naver dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2002-06-25 04:32 UTC] nvqtq at naver dot com

Hello.
Why is the result of this program like the this?
What there is the fault.
Probably there are we like the bug.
The postingfieldname does not know why we are changed in this way.
Inform the invalid sounding-line please.

-------------------------------------------------------------------------------
------------------------------    php source   --------------------------------

<?
$post['mode'] = 'result';
$post['val1'] = 'value1';
$post['val2'] = 'value2';
$post['val3'] = 'value3';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://test.com/test.php');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 1 );
curl_setopt($ch, CURLOPT_VERBOSE, 1 );
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)");
curl_setopt($ch, CURLOPT_POSTFIELDS, $post );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
echo "$result";
curl_close($ch);
?>

-------------------------------------------------------------------------------
------------------    network snipping result     -----------------------------


POST /test.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Host: test.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Length: 417
Expect: 100-continue
Content-Type: multipart/form-data; boundary=curlgyo1xC0h80m1EP5OD3RQcSQqRqk

--curlgyo1xC0h80m1EP5OD3RQcSQqRqk
Content-Disposition: form-data; name="mode????1" //<!---The postingfieldname does not know why we are changed in this way.-->

result
--curlgyo1xC0h80m1EP5OD3RQcSQqRqk
Content-Disposition: form-data; name="val1????1" //<!---The postingfieldname does not know why we are changed in this way.-->

value1
--curlgyo1xC0h80m1EP5OD3RQcSQqRqk
Content-Disposition: form-data; name="val2????1" //<!---The postingfieldname does not know why we are changed in this way.-->

value2
--curlgyo1xC0h80m1EP5OD3RQcSQqRqk
Content-Disposition: form-data; name="val3????1" //<!---The postingfieldname does not know why we are changed in this way.-->

value3
--curlgyo1xC0h80m1EP5OD3RQcSQqRqk--

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-06-25 10:06 UTC] nvqtq at naver dot com

[2002-06-26 04:23 UTC] daniel at haxx dot se

Allow me to offer my wild assumptions and guesses, as posted previously to the curl-and-php mailing list:

(http://curl.haxx.se/mail/curlphp-2002-06/0035.html)

Could it be that the string isn't properly zero terminated when the PHP/CURL module extracts the PHP string using

  zend_hash_get_current_key_ex(postfields, &string_key, &string_key_len, &num_key, 0, NULL);

followed by

  error = curl_formadd(&first, &last,
                        CURLFORM_COPYNAME, string_key,
                        CURLFORM_PTRCONTENTS, postval,
                        CURLFORM_CONTENTSLENGTH, Z_STRLEN_PP(current),
                        CURLFORM_END);

The CURLFORM_COPYNAME option requires a zero terminated string, which this 'string_key' perhaps isn't?

You could try to add

             CURLFORM_NAMELENGTH, string_key_len,

Which then would take away the need for the zero termination.

I'm not a PHP hacker.

[2002-06-27 11:03 UTC] per_hekansson at hermes dot ics dot lu dot se

That seems to do the trick. I would love somebody to put it in the next binary. The home compilation was a bit to messy to be enjoyable.

/Per

[2002-07-10 23:27 UTC] sniper@php.net

This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 10:01:29 2024 UTC