php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #36741 userstreams testcase have off-by-one error on fseek()
Submitted: 2006-03-15 05:58 UTC Modified: 2006-03-20 23:09 UTC
From: elliot dot li at gmail dot com Assigned:
Status: Closed Package: Streams related
PHP Version: 5.1.2 OS: Linux
Private report: No CVE-ID: None
 [2006-03-15 05:58 UTC] elliot dot li at gmail dot com
Description:
------------
This case(php-5.1.2/ext/standard/tests/file/userstreams.phpt) generates a bunch of random numbers and use them as offsets for fseek() test on a userstream. However, the range of these random numbers is [0, $DATALEN](rand(0, $DATALEN)), which should be [0, $DATALEN).

======== CODE SNIP FOLLOWS ========
/* generate some random seek offsets */
$position = 0;
for ($i = 0; $i < 256; $i++) {
        $whence = $whence_map[array_rand($whence_map, 1)];
        switch($whence) {
                case SEEK_SET:
                        $offset = rand(0, $DATALEN);
                        $position = $offset;
                        break;
                case SEEK_END:
                        $offset = -rand(0, $DATALEN);
                        $position = $DATALEN + $offset;
                        break;
                case SEEK_CUR:
                        $offset = rand(0, $DATALEN);
                        $offset -= $position;
                        $position += $offset;
                        break;
        }

        $seeks[] = array($whence, $offset, $position);
}
========  CODE SNIP ABOVE  ========

Reproduce code:
---------------
Run this case on and on for a while, you can encounter this problem. I found this problem during a regression test, and reproduced it on my PC(Pentium 4 2.6GHz) within one day.

Expected result:
----------------
No error should be reported if everything goes OK.

Actual result:
--------------
========= LOG SNIP FOLLOWS =========
--[34] whence=SEEK_SET offset=32550 line_length=1024 position_should_be=32550 --
REAL: pos=(29175,32550,32550) ret=0 line[0]=`'
USER: pos=(29175,29175,29175) ret=0 line[16]=`zl urnq vf ubzr
'
###################################### FAIL!
=========  LOG SNIP ABOVE  =========

32550 is the total length of the userstream, so fseek($fp, 32550, SEEK_SET) must fail.

I noticed another problem: mystream.stream_seek() would return a false on this condition, but the return value of fseek() is still 0! This would lead to the result that the failure of seeking in a userstream couldn't be noticed by the main program.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-03-18 21:57 UTC] tony2001@php.net
Do you have a patch? (unified diff, please)
 [2006-03-20 01:43 UTC] elliot dot li at gmail dot com
Well, this is my patch. (sorry, I don't know how to append an attachment)

===== php-5.1.2-userstreams.test.patch FOLLOWS =====
diff -Nur php-5.1.2/ext/standard/tests/file/userstreams.phpt php-5.1.2.my/ext/standard/tests/file/userstreams.phpt
--- php-5.1.2/ext/standard/tests/file/userstreams.phpt  2003-11-30 21:57:17.000000000 +0800
+++ php-5.1.2.my/ext/standard/tests/file/userstreams.phpt       2006-03-20 08:32:10.000000000 +0800
@@ -211,15 +211,15 @@
        $whence = $whence_map[array_rand($whence_map, 1)];
        switch($whence) {
                case SEEK_SET:
-                       $offset = rand(0, $DATALEN);
+                       $offset = rand(0, $DATALEN-1);
                        $position = $offset;
                        break;
                case SEEK_END:
-                       $offset = -rand(0, $DATALEN);
+                       $offset = -rand(0, $DATALEN-1);
                        $position = $DATALEN + $offset;
                        break;
                case SEEK_CUR:
-                       $offset = rand(0, $DATALEN);
+                       $offset = rand(0, $DATALEN-1);
                        $offset -= $position;
                        $position += $offset;
                        break;
===== php-5.1.2-userstreams.test.patch ABOVE =====
 [2006-03-20 23:09 UTC] tony2001@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC