php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #24727 Net::NNTP getBody() breaks binary data with trim()
Submitted: 2003-07-20 10:57 UTC Modified: 2003-08-04 02:51 UTC
From: meebey@php.net Assigned: heino (profile)
Status: Closed Package: PEAR related
PHP Version: Irrelevant OS: Debian
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: meebey@php.net
New email:
PHP Version: OS:

 

 [2003-07-20 10:57 UTC] meebey@php.net
Description:
------------
getBody() of the NNTP class does a trim() for each time it reads data from the server, this breaks binary data.
It should just cut the \r\n with a str_replace or something similiar, the trim() function removes chars which can be part of binary data.

Here the patch:
--- NNTP.php	2003-07-20 17:55:30.000000000 +0200
+++ NNTPpatched.php	2003-07-20 17:55:52.000000000 +0200
@@ -377,7 +377,7 @@
 
         $body = null;
         while (!feof($this->fp)) {
-            $line = trim(fgets($this->fp, 256));
+            $line = str_replace("\r\n", '', fgets($this->fp, 256));
 
             if ($line == '.') {
                 break;



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-07-21 09:41 UTC] developer at heino dot gehlsen dot dk
using str_replace() on the whole string would make some unwanted overhead!

using rtrim() would do the job
-------------------------------------------------
-    $line = trim(fgets($this->fp, 256));
+    $line = rtrim(fgets($this->fp, 256), "\r\n");
-------------------------------------------------

Tthe code will still not be binary safe, since rfc977 handles $line[0]=='.' by doubling the '.' to '..'
 [2003-07-31 04:31 UTC] nicos@php.net
Okay here is a general patch, I need comments before commiting it, anyone?

Index: NNTP.php
===================================================================
RCS file: /repository/pear/Net_NNTP/NNTP.php,v
retrieving revision 1.14
diff -u -u -r1.14 NNTP.php
--- NNTP.php    4 Jan 2003 11:55:49 -0000       1.14
+++ NNTP.php    31 Jul 2003 09:30:26 -0000
@@ -215,7 +215,7 @@
         }
         $post = null;
         while (!feof($this->fp)) {
-            $line = trim(fgets($this->fp, 256));
+            $line = rtrim(fgets($this->fp, 256), "\r\n");

             if ($line == ".") {
                 break;
@@ -260,8 +260,7 @@
         fputs($this->fp, "POST\n");

         /* The servers' response */
-        $response = trim(fgets($this->fp, 128));
-
+        $response = rtrim(fgets($this->fp, 128), "\r\n");
         fputs($this->fp, "From: $from\n");
         fputs($this->fp, "Newsgroups: $newsgroup\n");
         fputs($this->fp, "Subject: $subject\n");
@@ -270,7 +269,7 @@
         fputs($this->fp, "\n$body\n.\n");

         /* The servers' response */
-        $response = trim(fgets($this->fp, 128));
+        $response = rtrim(fgets($this->fp, 128), "\r\n");

         return $response;
     }
@@ -295,7 +294,7 @@

         $headers = '';
         while(!feof($this->fp)) {
-            $line = trim(fgets($this->fp, 256));
+            $line = rtrim(fgets($this->fp, 128), "\r\n");

             if ($line == '.') {
                 break;
@@ -379,7 +378,7 @@

         $body = null;
         while (!feof($this->fp)) {
-            $line = trim(fgets($this->fp, 256));
+            $line = rtrim(fgets($this->fp, 128), "\r\n");

             if ($line == '.') {
                 break;
@@ -408,7 +407,7 @@
     {
         $body = array();
         while(!feof($this->fp)) {
-            $line = trim(fgets($this->fp, 256));
+            $line = rtrim(fgets($this->fp, 128), "\r\n");
             if ($line == '.') {
                 break;
             } else {

 [2003-07-31 04:43 UTC] meebey@php.net
nicos talk to heino, he is the new package maintainer of NNTP.
 [2003-07-31 05:51 UTC] heino at gehlsen dot dk
The patch seems fine, but the code is still not binary safe in some rare cases...

(feel free to commit and close - I haven't been granted access to the cvs yet)
 [2003-08-04 01:53 UTC] arnaud@php.net
Heino: I saw you committed a patch to CVS, can you close this bug ?
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Oct 28 11:03:33 2021 UTC