PHP :: Bug #19201 :: htmlspecialchars, et al crashes when called with quote

Bug #19201	htmlspecialchars, et al crashes when called with quote_style
Submitted:	2002-08-30 13:09 UTC	Modified:	2003-01-26 01:00 UTC
From:	stromgt at slu dot edu	Assigned:
Status:	No Feedback	Package:	Reproducible crash
PHP Version:	4.2.2	OS:	Digital Unix 4.0G
Private report:	No	CVE-ID:	None

View Developer Edit

[2002-08-30 13:09 UTC] stromgt at slu dot edu

The htmlspecialchars and htmlentities functions crash php(typical "document contains no data" error) when called with the second parameter, quote_style (ENT_COMPAT, ENT_QUOTES, ENT_NOQUOTES).

If called without the second parameter, these functions return the expected results.

May be related to Bug #18048.

Sample Script:

<?php

$string = "&\"'<>";
$temp = htmlspecialchars($string,ENT_QUOTES);
echo $temp;

?>

Configuration Command:
'--with-apache=/usr/src/apache_1.3.26' '--with-mysql' '--with-gd=/usr/local' '--with-freetype-dir=/usr/local' '--with-t1lib=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-pdflib=/usr/local' '--with-openssl=/usr/local/ssl' '--with-zlib-dir=/usr/local' '--with-java=/usr/opt/java131' '--with-ldap=/usr/local' '--with-imap=/usr/local/lib' '--with-mcrypt=/usr/local/lib/libmcrypt' '--enable-track-vars' '--enable-ftp' '--enable-sockets' '--enable-trans-sid'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-08-30 13:15 UTC] derick@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip

[2002-08-30 13:18 UTC] derick@php.net

Forgot to say that I can not reproduce this with php 4.2.0-dev (march 7) or php 4.3.0-dev (august 25). They both show this result:

&amp;&quot;&#039;&lt;&gt;

[2002-09-23 08:09 UTC] sniper@php.net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

[2003-01-10 10:48 UTC] stromgt at slu dot edu

Still crashes with PHP 4.3.0.

I do not have a license for dbx so I can't provide a backtrace, but running the example above from the command line against the cgi binary produces the following:

Unaligned access pid=25896 <php> va=0x1400c4cec pc=0x120244758 ra=0x1200bda78 inst=0xb4290000
Unaligned access pid=25896 <php> va=0x11fffdb7c pc=0x120236d64 ra=0x120237408 inst=0xb42c0000
Segmentation fault

[2003-01-10 12:23 UTC] moriyoshi@php.net

Which compiler (and version) did you use to build the PHP binary?
Some old compilers may produce bogus codes that cause unaligned access.

[2003-01-10 12:35 UTC] stromgt at slu dot edu

% gcc -v
Reading specs from /usr/local/lib/gcc-lib/alphaev56-dec-osf4.0g/3.2/specs
Configured with: ../gcc-3.2/configure 
Thread model: single
gcc version 3.2

[2003-01-26 01:00 UTC] php-bugs at lists dot php dot net

No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri May 09 10:01:28 2025 UTC