php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #22904 sybase_magic_quotes does stuff with '\0' string
Submitted: 2003-03-26 09:25 UTC Modified: 2003-04-23 15:40 UTC
From: momo@php.net Assigned:
Status: Wont fix Package: Sybase-ct (ctlib) related
PHP Version: 4.3.2RC1 OS: linux RH7.2
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: momo@php.net
New email:
PHP Version: OS:

 

 [2003-03-26 09:25 UTC] momo@php.net
here is simple code:
----------------
<?
$f = fopen("test.txt","rb");
$buf= fread($f,4096);
$f2 = fopen("test2","wb");
fwrite($f2,$buf);
?>
---------------

where test.txt content is:
--------------test \0 test
--------------

the result test2 file is:
---------------
test ? test
---------------

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-03-26 09:33 UTC] iliaa@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

Cannot verify this bug with latest CVS. I think your editor just shows \0 as ?
 [2003-03-26 10:18 UTC] momo@php.net
problem still exists on last cvs.

my editor show ascii(0) as ? but '\0' have to be showen as '\0'
mean, if the orginal text (c code this case) file included the \0 *string* i does't want fwrite() replace it with ascii(0)! but to save it as the orginal string.
 [2003-03-26 10:31 UTC] momo@php.net
well, using set_magic_quotes_runtime(0); fix the problem.

due to my quick debug, the problem is somewhere into php_stripslashes called on file.c:1543 i'll try to look into it on friday if this bug still 'll be exists.
 [2003-03-27 03:06 UTC] momo@php.net
ok, problem here is that php_stripslashes for sybase_magic_quetes replace '\0' with ascii(0) due reverse action on php_addslashes.

IMHO in contrary to '\'' type replacements where we "maintains" the data "queues fixed" all over the script, on ascii(0) data, we have no problem do it onto the query level.
there'll be minore bc problem but the current beavior is totally bogus!
 [2003-03-27 03:48 UTC] wez@php.net
Nothing to do with fwrite
 [2003-03-27 09:06 UTC] iliaa@php.net
Is this even a bug? It seems to me the code follows the 'proper' behaviour for sybase_magic_quotes, no?
 [2003-03-31 06:31 UTC] momo@php.net
if the stripslashes have to recover the string as it was before addslashes'ing so it fails.

all this code looks to me too disordered. for example, into the sybase stripslashes there is the code:

----
if (*t == '\'') {
				if ((l > 0) && (t[1] == '\'')) {
					t++;
					if (len != NULL) {
						(*len)--;
					}
					l--;
				}
				*s++ = *t++;
---

but this code have nothing with slashes at all!

i'll try to learn the subject when i'll find some time for it and do some order.
 [2003-04-01 07:24 UTC] momo@php.net
i revert the fix, coz some unexpected effects.
i'll try later.
 [2003-04-23 04:32 UTC] sniper@php.net
I can't see any bug here..

 [2003-04-23 15:40 UTC] momo@php.net
as i answerd ilia, if the stripslashes have to recover the string as it was before addslashes'ing so it fails.

changing this behavior mean changing all this "magic" thing so won't fix is the correct status.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue May 28 03:01:32 2024 UTC