Bug #38839 wddx_serialize_value() broken in 4.4.3 and greater.
Submitted: 2006-09-15 09:56 UTC
Modified: 2010-12-20 12:18 UTC
From: rob at choralone dot org
Assigned: jani
Status: Closed
Package: WDDX related
PHP Version: 4.4.4
OS: Linux
Private report: No
CVE-ID:
 [2006-09-15 09:56 UTC] rob at choralone dot org
Description:
------------
wddx_serialize_value() produces bad wddx data when serializing an associative array.

This first started happening with PHP 4.4.3, so I suspect the fix for bug #37569 (WDDX incorrectly encodes high-ascii characters) probably broke it.

Reproduce code:
---------------
<?php
$data = array('foo' => 'bar');
print(wddx_serialize_value($data));
?>

Expected result:
----------------
<wddxPacket version='1.0'><header/><data><struct><var name='foo'><string>bar</string></var></struct></data></wddxPacket>

run through xml tidy to make it readable:

<wddxPacket version='1.0'>
  <header/>
  <data>
    <struct>
      <var name='foo'>
        <string>bar</string>
      </var>
    </struct>
  </data>
</wddxPacket>

Actual result:
--------------
<wddxPacket version='1.0'><header/><data><struct><va<string>bar</string></var></struct></data></wddxPacket>

run through xml tidy to make it readable:

<wddxPacket version='1.0'>
  <header/>
  <data>
    <struct>
      <va<string>bar</string></var>
    </struct>
  </data>
</wddxPacket>

 [2006-09-15 10:40 UTC] rob at choralone dot org
Yes, that's fixed it - thank you.

For anyone else interested, this is the patch I'm bundling in our company RPM build of php 4.4.4 that fixes the issue:

--- php-4.4.4/ext/wddx/wddx.c   2006-05-26 02:55:26.000000000 +0100
+++ php-4.4.4/ext/wddx/wddx-new.c       2006-08-24 09:32:37.000000000 +0100
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */

-/* $Id: wddx.c,v 1.96.2.6.2.7 2006/05/26 01:55:26 iliaa Exp $ */
+/* $Id: wddx.c,v 1.96.2.6.2.8 2006/08/24 08:30:28 tony2001 Exp $ */

 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -432,7 +432,7 @@
        tmp = *var;
        zval_copy_ctor(&tmp);
        convert_to_string(&tmp);
-       snprintf(tmp_buf, Z_STRLEN(tmp), WDDX_NUMBER, Z_STRVAL(tmp));
+       snprintf(tmp_buf, sizeof(tmp_buf), WDDX_NUMBER, Z_STRVAL(tmp));
        zval_dtor(&tmp);

        php_wddx_add_chunk(packet, tmp_buf);
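Review bot: on the changed snprintf() line, sizeof(tmp_buf) is the buffer's capacity only if tmp_buf is declared as a char array in this function, and that declaration is outside the hunk. In the hunk at -630 the same name is a pointer returned by emalloc(), where sizeof would give the pointer size, so please confirm the declaration here. The return value is still ignored, so a number string longer than the buffer would be truncated silently; comparing it against sizeof(tmp_buf) would make that case visible.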
@@ -630,8 +630,8 @@

        if (name) {
                name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES, NULL TSRMLS_CC);
-               tmp_buf = emalloc(name_esc_len + 1);
-               snprintf(tmp_buf, name_esc_len, WDDX_VAR_S, name_esc);
+               tmp_buf = emalloc(name_esc_len + sizeof(WDDX_VAR_S));
+               snprintf(tmp_buf, name_esc_len + sizeof(WDDX_VAR_S), WDDX_VAR_S, name_esc);
                php_wddx_add_chunk(packet, tmp_buf);
                efree(tmp_buf);
                efree(name_esc);
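Review bot: the length name_esc_len + sizeof(WDDX_VAR_S) is written out twice, in emalloc() and again in snprintf(), and the two must stay identical for the bound to mean anything. Suggest computing it once into a local and passing that to both calls. The sizing also depends on WDDX_VAR_S being a string literal macro, so that sizeof yields its length including the terminating NUL; a short comment saying so would help, since the removed lines show how the buffer size and the snprintf() limit ignored the format string's fixed text.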
 [2006-09-15 11:04 UTC] tony2001@php.net
Great, thanks.
 [2010-12-20 12:18 UTC] jani@php.net
-Package: Tidy
+Package: WDDX related
-Assigned To:
+Assigned To: jani
 