php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34821 zlib encoders fail on widely varying binary data
Submitted: 2005-10-10 22:50 UTC Modified: 2005-10-25 17:18 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: mike@php.net Assigned: mike
Status: Closed Package: Zlib related
PHP Version: 5CVS-2005-10-10 (cvs) OS: win32 only
Private report: No CVE-ID:
 [2005-10-10 22:50 UTC] mike@php.net
Description:
------------
Probably an edge case, but so nobody could claim I didn't report it ;)  It starts to fail with ~200k+.


Reproduce code:
---------------
<?php

$j = 200000;
$s = '';

srand(time());
for ($i = 0; $i < $j; ++$i) {
	$s .= chr(rand(0,255));
}
gzencode($s); // fails with buffer error

$r = array();
echo "\nCharcode stats:\n";
for ($i = 0; $i < $j; ++$i) {
	$x = ord($s{$i});
	$r[$x] = isset($r[$x]) ? $r[$x]+1 : 1;
}
asort($r);
printf("MIN: %d -- AVG: %d -- MAX: %d\n", current($r), array_sum($r)/count($r), end($r));

?>


Expected result:
----------------
No error

Actual result:
--------------
Warning: gzencode(): buffer error in C:\Webserver\mike\zone\gzencode.php on line 10

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-11 17:38 UTC] mike@php.net
A possible fix would be to raise the size of the memory allocated by default, e.g. adding 1% to the length of the incoming data instead of 0.1% additionally to some "safe" padding bytes.

 [2005-10-13 19:05 UTC] iliaa@php.net
I've just tried the code on Linux using 5.1-cvs and I am not seeing any errors being reported.
 [2005-10-13 21:13 UTC] mike@php.net
It apparently only fails on Windows...

Don't ask me why I didn't check on Linux too, at the first place, but Tony, why did you request a patch? Did you try the script and did it fail or not?


 [2005-10-14 14:02 UTC] mike@php.net
Reopen for Win32, Edin yould you verify or the opposite?
Thanks.
 [2005-10-24 00:16 UTC] edink@php.net
I get the same error msg on my windows test box. Mike you seem to have to solution.
 [2005-10-24 00:22 UTC] edink@php.net
I can also verify that applying the patch solves the problem.
 [2005-10-25 17:18 UTC] mike@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 18:01:58 2014 UTC