|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45226 xmlrpc_set_type() segfaults with valid ISO8601 date string
Submitted: 2008-06-10 05:12 UTC Modified: 2008-09-10 00:10 UTC
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: bmn at bmn dot name Assigned:
Status: Closed Package: XMLRPC-EPI related
PHP Version: 5.2.6 OS: *
Private report: No CVE-ID:
 [2008-06-10 05:12 UTC] bmn at bmn dot name
PHP crashes when trying to call xmlrpc_set_type with a correctly formatted ISO8601 datetime string from the date() function. 

Note that if you specify a datetime string without the +/-00:00, it will work.
If you specify the timezome information (as the constant DATE_ISO8601 does), php will crash.

Reproduce code:
// this code breaks
$d = date(DATE_ISO8601);
xmlrpc_set_type($d, 'datetime');
echo xmlrpc_encode_request('', array('date' => $d));

//working code
$d = '2008-01-01 20:00:00';
xmlrpc_set_type($d, 'datetime');
echo xmlrpc_encode_request('', array('date' => $d));

Expected result:

Actual result:
*** stack smashing detected ***: php terminated
Aborted (core dumped)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-09 15:17 UTC] ndeschildre at gmail dot com
Patch found on the original xmlrpc-epi lib:
 [2008-09-10 00:10 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Fixed in 5.2.7, 5.3, HEAD.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Sat Nov 28 13:01:32 2015 UTC