php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19201 htmlspecialchars, et al crashes when called with quote_style
Submitted: 2002-08-30 13:09 UTC Modified: 2003-01-26 01:00 UTC
From: stromgt at slu dot edu Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 4.2.2 OS: Digital Unix 4.0G
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: stromgt at slu dot edu
New email:
PHP Version: OS:

 

 [2002-08-30 13:09 UTC] stromgt at slu dot edu
The htmlspecialchars and htmlentities functions crash php(typical "document contains no data" error) when called with the second parameter, quote_style (ENT_COMPAT, ENT_QUOTES, ENT_NOQUOTES).

If called without the second parameter, these functions return the expected results.

May be related to Bug #18048.

Sample Script:

<?php

$string = "&\"'<>";
$temp = htmlspecialchars($string,ENT_QUOTES);
echo $temp;

?>

Configuration Command:
'--with-apache=/usr/src/apache_1.3.26' '--with-mysql' '--with-gd=/usr/local' '--with-freetype-dir=/usr/local' '--with-t1lib=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-pdflib=/usr/local' '--with-openssl=/usr/local/ssl' '--with-zlib-dir=/usr/local' '--with-java=/usr/opt/java131' '--with-ldap=/usr/local' '--with-imap=/usr/local/lib' '--with-mcrypt=/usr/local/lib/libmcrypt' '--enable-track-vars' '--enable-ftp' '--enable-sockets' '--enable-trans-sid'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-08-30 13:15 UTC] derick@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip


 [2002-08-30 13:18 UTC] derick@php.net
Forgot to say that I can not reproduce this with php 4.2.0-dev (march 7) or php 4.3.0-dev (august 25). They both show this result:

&amp;&quot;&#039;&lt;&gt;
 [2002-09-23 08:09 UTC] sniper@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 [2003-01-10 10:48 UTC] stromgt at slu dot edu
Still crashes with PHP 4.3.0.

I do not have a license for dbx so I can't provide a backtrace, but running the example above from the command line against the cgi binary produces the following:

Unaligned access pid=25896 <php> va=0x1400c4cec pc=0x120244758 ra=0x1200bda78 inst=0xb4290000
Unaligned access pid=25896 <php> va=0x11fffdb7c pc=0x120236d64 ra=0x120237408 inst=0xb42c0000
Segmentation fault
 [2003-01-10 12:23 UTC] moriyoshi@php.net
Which compiler (and version) did you use to build the PHP binary?
Some old compilers may produce bogus codes that cause unaligned access.

 [2003-01-10 12:35 UTC] stromgt at slu dot edu
% gcc -v
Reading specs from /usr/local/lib/gcc-lib/alphaev56-dec-osf4.0g/3.2/specs
Configured with: ../gcc-3.2/configure 
Thread model: single
gcc version 3.2
 [2003-01-26 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 08 09:01:33 2024 UTC