php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #22904 sybase_magic_quotes does stuff with '\0' string
Submitted: 2003-03-26 09:25 UTC Modified: 2003-04-23 15:40 UTC
From: momo@php.net Assigned:
Status: Wont fix Package: Sybase-ct (ctlib) related
PHP Version: 4.3.2RC1 OS: linux RH7.2
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2003-03-26 09:25 UTC] momo@php.net
here is simple code:
----------------
<?
$f = fopen("test.txt","rb");
$buf= fread($f,4096);
$f2 = fopen("test2","wb");
fwrite($f2,$buf);
?>
---------------

where test.txt content is:
--------------test \0 test
--------------

the result test2 file is:
---------------
test ? test
---------------

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-03-26 09:33 UTC] iliaa@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

Cannot verify this bug with latest CVS. I think your editor just shows \0 as ?
 [2003-03-26 10:18 UTC] momo@php.net
problem still exists on last cvs.

my editor show ascii(0) as ? but '\0' have to be showen as '\0'
mean, if the orginal text (c code this case) file included the \0 *string* i does't want fwrite() replace it with ascii(0)! but to save it as the orginal string.
 [2003-03-26 10:31 UTC] momo@php.net
well, using set_magic_quotes_runtime(0); fix the problem.

due to my quick debug, the problem is somewhere into php_stripslashes called on file.c:1543 i'll try to look into it on friday if this bug still 'll be exists.
 [2003-03-27 03:06 UTC] momo@php.net
ok, problem here is that php_stripslashes for sybase_magic_quetes replace '\0' with ascii(0) due reverse action on php_addslashes.

IMHO in contrary to '\'' type replacements where we "maintains" the data "queues fixed" all over the script, on ascii(0) data, we have no problem do it onto the query level.
there'll be minore bc problem but the current beavior is totally bogus!
 [2003-03-27 03:48 UTC] wez@php.net
Nothing to do with fwrite
 [2003-03-27 09:06 UTC] iliaa@php.net
Is this even a bug? It seems to me the code follows the 'proper' behaviour for sybase_magic_quotes, no?
 [2003-03-31 06:31 UTC] momo@php.net
if the stripslashes have to recover the string as it was before addslashes'ing so it fails.

all this code looks to me too disordered. for example, into the sybase stripslashes there is the code:

----
if (*t == '\'') {
				if ((l > 0) && (t[1] == '\'')) {
					t++;
					if (len != NULL) {
						(*len)--;
					}
					l--;
				}
				*s++ = *t++;
---

but this code have nothing with slashes at all!

i'll try to learn the subject when i'll find some time for it and do some order.
 [2003-04-01 07:24 UTC] momo@php.net
i revert the fix, coz some unexpected effects.
i'll try later.
 [2003-04-23 04:32 UTC] sniper@php.net
I can't see any bug here..

 [2003-04-23 15:40 UTC] momo@php.net
as i answerd ilia, if the stripslashes have to recover the string as it was before addslashes'ing so it fails.

changing this behavior mean changing all this "magic" thing so won't fix is the correct status.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri May 24 02:01:25 2019 UTC