php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47836 array operator [] inconsistency when the array has PHP_INT_MAX index value
Submitted: 2009-03-30 07:40 UTC Modified: 2009-06-07 19:32 UTC
From: for-bugs at hnw dot jp Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 5.2.9 OS: *
Private report: No CVE-ID:
 [2009-03-30 07:40 UTC] for-bugs at hnw dot jp
Description:
------------
The behavior of operator [] to the array is sometimes strange or hard to describe the specification. For instance, the array which has two index, 2147483647 and -2147483648 on 32bit environment gets strange results. See below example:

Reproduce code:
---------------
<?php
$array=array();
$array[-2147483648]=2;
$array[2147483647]=1;
$array[]=3;
var_dump($array);

$array=array();
$array[2147483647]=1;
$array[-2147483648]=2;
$array[]=3;
var_dump($array);

Expected result:
----------------
It should be same behavior. I think, the substitution to $array[] shuold be both failed for this case.

Actual result:
--------------
PHP Warning:  Cannot add element to the array as the next element is already occupied in ./array-maxint-test.php on line 5
array(2) {
  [-2147483648]=>
  int(2)
  [2147483647]=>
  int(1)
}
array(3) {
  [2147483647]=>
  int(1)
  [-2147483648]=>
  int(2)
  [-2147483647]=>
  int(3)
}

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-03-30 11:00 UTC] mattwil@php.net
Untested, but it seems like this would give the expected result. In zend_hash.c:_zend_hash_index_update_or_next_insert(), change the check from

if ((long)h >= (long)ht->nNextFreeElement) {
	ht->nNextFreeElement = h + 1;
}

to

if (h >= ht->nNextFreeElement && h < LONG_MAX) {
	ht->nNextFreeElement = h + 1;
}
 [2009-06-07 19:32 UTC] mattwil@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sat Apr 19 14:01:50 2014 UTC