php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #36526 compressed data corruption when passed to another script via _REQUEST
Submitted: 2006-02-25 13:17 UTC Modified: 2006-05-08 12:07 UTC
From: terry at kryogenic dot co dot uk Assigned:
Status: Not a bug Package: *Compression related
PHP Version: 5.1.2 OS: Debian
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
26 + 25 = ?
Subscribe to this entry?

 
 [2006-02-25 13:17 UTC] terry at kryogenic dot co dot uk 
Description:
------------
serializing, compressing and bzcompress/gzcompress an object then sending to another script via _REQUEST seems to cause corruption. bzdecompress returns error code -4. This following code works in php4 & php5.0.x but not 5.1.2. gzcompress also returns a very similar error.



Reproduce code:
---------------
script a)
  $compStr = bzcompress(serialize($an_array));
  $base64Str = base64_encode($compStr);

  /* send this to script b like so:
   * http://somehost/script_b.php?object=$base64Str
   */

script b)
  $decStr = bzdecompress(base64_decode($_REQUEST['error']));
  $array = unserialize($decStr);

Expected result:
----------------
bzdecompress should succeed and after unserialization I should end up with the original array from script a.

Actual result:
--------------
bzdecompress returns -4 (data error) and unserialize would of course fail in the code above.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-02-25 13:21 UTC] terry at kryogenic dot co dot uk 
$decStr = bzdecompress(base64_decode($_REQUEST['error'])); should be $decStr = bzdecompress(base64_decode($_REQUEST['object'])); in the example code. My bad :)
 [2006-02-25 16:09 UTC] mike@php.net 
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

Treat the base64 encoded string with urlencode() prior passing in a link.
 [2006-02-25 16:20 UTC] terry at kryogenic dot co dot uk 
Sorry if this seems like its not a bug but I have been through the relevant channels already. urlencode does not work either, I should have mentioned that here (sorry). There is a difference between the strings after a decode of any sort.

It sure looked like a bug when I reported it. Sorry I wasted your time.
 [2006-02-25 17:26 UTC] mike@php.net 
I don't get it.

Does it work now or not?
 [2006-02-25 17:38 UTC] terry at kryogenic dot co dot uk 
No, it doesn't work. Like I said I should have given more details into what I tried when I wrote the report, I tried urlencode with and without base64_encode. I also tried without compression and it worked which is why I clearly thought wrongly that it was a bug.

I tested it by pointing the script to itself, urlencode worked but not base64_encode (which obviously clears up the fact I should have used urlencode anyway). Interestingly, I can decode the string and decompress it with no problem without sending the data to itself or another script.
 [2006-05-08 11:52 UTC] terry at kryogenic dot co dot uk 
Well?
 [2006-05-08 12:07 UTC] bjori@php.net 
You need to change the status of the report yourself if you 
still belive this is a bug.
However, I can't reproduce it with latest CVS so please 
check it out before you change the status.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 19:01:28 2024 UTC