php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #18665 Empty number tag produces random value after deserialization
Submitted: 2002-07-31 08:46 UTC Modified: 2002-08-02 19:10 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:3 (100.0%)
From: mark at q-go dot com Assigned:
Status: Closed Package: WDDX related
PHP Version: 4.1.2, 4.2.0 OS: Linux RH 7.1, Compaq Tru64
Private report: No CVE-ID: None
 [2002-07-31 08:46 UTC] mark at q-go dot com
The following code:

<?
$p = "<wddxPacket version='1.0'><header/><data><struct><var name='var1'><number/></var><var name='var2'><number>1</number></var></struct></data></wddxPacket>";
print_r(wddx_deserialize($p));
?>

shows that the variable 'var1' gets a random value after deserialization. I would expect that 'var1' wouldn't get set, or at least assigned with the value 0.

If you can't reproduce it the first time, reload the script a couple of times.

Kind regards
Mark Pors


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-31 08:49 UTC] nohn@php.net
Could verify this with PHP 4.2.0 on Compaq Tru64. Verification with PHP 4.3.0-dev from 2002/07/30 failed. So seems to be fixed in CVS. Can anyone of PHP-DEV confirm this?
 [2002-08-02 19:10 UTC] sniper@php.net
This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed May 22 22:01:32 2024 UTC