php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #51094 parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon
Submitted: 2010-02-19 22:10 UTC Modified: 2012-06-08 01:21 UTC
Votes:4
Avg. Score:4.5 ± 0.9
Reproduced:4 of 4 (100.0%)
Same Version:2 (50.0%)
Same OS:1 (25.0%)
From: viaujoc at videotron dot ca Assigned: pierrick (profile)
Status: Closed Package: Filesystem function related
PHP Version: * OS:
Private report: No CVE-ID: None
 [2010-02-19 22:10 UTC] viaujoc at videotron dot ca
Description:
------------
When using parse_ini_file() function with $scanner_mode=INI_SCANNER_RAW, any semi-colon (;) in the value is seen as the end of the value, even if it is enclosed in quotes.

The behavior of parse_ini_file() in PHP 5.3 with either $scanner_mode at RAW or NORMAL cannot reproduce the  behavior of PHP 5.2.

Reproduce code:
---------------
test.ini:
[TheSection]
MyKey="my;value\$"

example.php:
<?php
var_dump(parse_ini_file("test.ini",true,INI_SCANNER_RAW));
?>

Expected result:
----------------
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}

Actual result:
--------------
In PHP 5.2 (without the $scanner_mode parameter in parse_ini_file()):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}
(the value is returned exactly as it appears in test.ini)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_RAW):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(3) ""my"
  }
}
(notice that everything after the semi-colon has been truncated and the quote as the first character of the string)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_NORMAL):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(9) "my;value$"
  }
}
(notice the missing backslash (\) between the "e" and "$")

Patches

bug51094.diff (last revision 2012-06-07 13:32 UTC by pierrick@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-02-20 10:54 UTC] jani@php.net
1. There is no such thing as raw scanning in PHP 5.2
2. This is exactly how it's supposed to work. The ; is still comment even in the raw mode. All other chars are considered just chars.
3. In PHP 5.3 the backslash inside double quotes is considered escape char. No bug here either. Use single quotes instead.
 [2010-02-20 20:00 UTC] viaujoc at videotron dot ca
This change in the behavior of parse_ini_file() is not documented in either the documentation page for the function or the "Backward Incompatible Changes" from "Migrating from PHP 5.2.x to PHP 5.3.x".

I also hope that the updated documentation promised in bug #47703 will be published soon.
 [2011-09-25 10:27 UTC] pajoye@php.net
-Status: Bogus +Status: Open -Operating System: Win2003 +Operating System: -PHP Version: 5.3.1 +PHP Version: *
 [2011-09-25 10:27 UTC] pajoye@php.net
It is clearly a parsing error as the ; is part of a quoted string.

It also works with php.ini so it may be possible to get that work with other ini 
as well (while the code is different...)
 [2012-06-06 17:00 UTC] pierrick@php.net
The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339002022
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339002022
 [2012-06-06 17:06 UTC] pierrick@php.net
-Assigned To: +Assigned To: pierrick
 [2012-06-06 17:06 UTC] pierrick@php.net
I'll soon have one last look to make sure this patch doesn't introduce any 
problem before committing it. But if someone else want to review it, any comments 
will be welcome.
 [2012-06-07 13:32 UTC] pierrick@php.net
The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339075946
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339075946
 [2012-06-07 15:59 UTC] pierrick@php.net
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2012-06-07 16:24 UTC] pierrick@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-06-07 16:24 UTC] pierrick@php.net
-Status: Assigned +Status: Closed
 [2012-06-07 22:05 UTC] mattficken@php.net
This fails for me with 5.4.5-dev on Windows 7.

The diff when I run it:
001+ string(4) ""ini"
002+ string(4) ""ini"
001- string(7) "ini;raw"
002- string(8) ""ini;raw"
 [2012-06-08 01:21 UTC] pierrick@php.net
This is strange, it's working well on my side. I'm on Linux but this kind of things should not change. Could you please verify that you have the last version of the 
Zend/zend_ini_scanner_defs.h and Zend/zend_ini_scanner.c files (they were committed just after the .l).

You could regenerate those files using this command : 
re2c --case-inverted -cbdFt Zend/zend_ini_scanner_defs.h -oZend/zend_ini_scanner.c Zend/zend_ini_scanner.l

to see if you have any differences

Thanks
 [2012-06-08 18:37 UTC] mattficken@php.net
I think thats it.

The build where it was failing for me was r8779a9a, but it now passes on a build of the newer rd24d5b6.
 [2014-10-07 23:24 UTC] stas@php.net
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2014-10-07 23:35 UTC] stas@php.net
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2015-07-21 12:11 UTC] as at crcl dot com
This bug is reproducible again. Tested on PHP 5.6.11
 [2018-08-08 11:26 UTC] arekm at maven dot pl
If that's still true then report new bugreport because developers rarely read comments for old bugs.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 13:01:29 2024 UTC