|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #36526 compressed data corruption when passed to another script via _REQUEST
Submitted: 2006-02-25 13:17 UTC Modified: 2006-05-08 12:07 UTC
From: terry at kryogenic dot co dot uk Assigned:
Status: Not a bug Package: *Compression related
PHP Version: 5.1.2 OS: Debian
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: terry at kryogenic dot co dot uk
New email:
PHP Version: OS:


 [2006-02-25 13:17 UTC] terry at kryogenic dot co dot uk
serializing, compressing and bzcompress/gzcompress an object then sending to another script via _REQUEST seems to cause corruption. bzdecompress returns error code -4. This following code works in php4 & php5.0.x but not 5.1.2. gzcompress also returns a very similar error.

Reproduce code:
script a)
  $compStr = bzcompress(serialize($an_array));
  $base64Str = base64_encode($compStr);

  /* send this to script b like so:
   * http://somehost/script_b.php?object=$base64Str

script b)
  $decStr = bzdecompress(base64_decode($_REQUEST['error']));
  $array = unserialize($decStr);

Expected result:
bzdecompress should succeed and after unserialization I should end up with the original array from script a.

Actual result:
bzdecompress returns -4 (data error) and unserialize would of course fail in the code above.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2006-02-25 13:21 UTC] terry at kryogenic dot co dot uk
$decStr = bzdecompress(base64_decode($_REQUEST['error'])); should be $decStr = bzdecompress(base64_decode($_REQUEST['object'])); in the example code. My bad :)
 [2006-02-25 16:09 UTC]
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

Treat the base64 encoded string with urlencode() prior passing in a link.
 [2006-02-25 16:20 UTC] terry at kryogenic dot co dot uk
Sorry if this seems like its not a bug but I have been through the relevant channels already. urlencode does not work either, I should have mentioned that here (sorry). There is a difference between the strings after a decode of any sort.

It sure looked like a bug when I reported it. Sorry I wasted your time.
 [2006-02-25 17:26 UTC]
I don't get it.

Does it work now or not?

 [2006-02-25 17:38 UTC] terry at kryogenic dot co dot uk
No, it doesn't work. Like I said I should have given more details into what I tried when I wrote the report, I tried urlencode with and without base64_encode. I also tried without compression and it worked which is why I clearly thought wrongly that it was a bug.

I tested it by pointing the script to itself, urlencode worked but not base64_encode (which obviously clears up the fact I should have used urlencode anyway). Interestingly, I can decode the string and decompress it with no problem without sending the data to itself or another script.
 [2006-05-08 11:52 UTC] terry at kryogenic dot co dot uk
 [2006-05-08 12:07 UTC]
You need to change the status of the report yourself if you 
still belive this is a bug.
However, I can't reproduce it with latest CVS so please 
check it out before you change the status.

PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Sat Jan 29 05:03:33 2022 UTC