PHP :: Bug #51094 :: parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon

Bug #51094

parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon

Submitted:

2010-02-19 22:10 UTC

Modified:

2012-06-08 01:21 UTC

Votes:	4
Avg. Score:	4.5 ± 0.9
Reproduced:	4 of 4 (100.0%)
Same Version:	2 (50.0%)
Same OS:	1 (25.0%)

From:

viaujoc at videotron dot ca

Assigned:

pierrick (profile)

Status:

Closed

Package:

Filesystem function related

PHP Version:

OS:

Private report:

CVE-ID:

None

View Developer Edit

[2010-02-19 22:10 UTC] viaujoc at videotron dot ca

Description:
------------
When using parse_ini_file() function with $scanner_mode=INI_SCANNER_RAW, any semi-colon (;) in the value is seen as the end of the value, even if it is enclosed in quotes.

The behavior of parse_ini_file() in PHP 5.3 with either $scanner_mode at RAW or NORMAL cannot reproduce the  behavior of PHP 5.2.

Reproduce code:
---------------
test.ini:
[TheSection]
MyKey="my;value\$"

example.php:
<?php
var_dump(parse_ini_file("test.ini",true,INI_SCANNER_RAW));
?>

Expected result:
----------------
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}

Actual result:
--------------
In PHP 5.2 (without the $scanner_mode parameter in parse_ini_file()):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}
(the value is returned exactly as it appears in test.ini)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_RAW):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(3) ""my"
  }
}
(notice that everything after the semi-colon has been truncated and the quote as the first character of the string)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_NORMAL):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(9) "my;value$"
  }
}
(notice the missing backslash (\) between the "e" and "$")

Patches

bug51094.diff (last revision 2012-06-07 13:32 UTC by pierrick@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2010-02-20 10:54 UTC] jani@php.net

1. There is no such thing as raw scanning in PHP 5.2
2. This is exactly how it's supposed to work. The ; is still comment even in the raw mode. All other chars are considered just chars.
3. In PHP 5.3 the backslash inside double quotes is considered escape char. No bug here either. Use single quotes instead.

[2010-02-20 20:00 UTC] viaujoc at videotron dot ca

This change in the behavior of parse_ini_file() is not documented in either the documentation page for the function or the "Backward Incompatible Changes" from "Migrating from PHP 5.2.x to PHP 5.3.x".

I also hope that the updated documentation promised in bug #47703 will be published soon.

[2011-09-25 10:27 UTC] pajoye@php.net

-Status: Bogus +Status: Open -Operating System: Win2003 +Operating System: -PHP Version: 5.3.1 +PHP Version: *

[2011-09-25 10:27 UTC] pajoye@php.net

It is clearly a parsing error as the ; is part of a quoted string.

It also works with php.ini so it may be possible to get that work with other ini 
as well (while the code is different...)

[2012-06-06 17:00 UTC] pierrick@php.net

The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339002022
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339002022

[2012-06-06 17:06 UTC] pierrick@php.net

-Assigned To: +Assigned To: pierrick

[2012-06-06 17:06 UTC] pierrick@php.net

I'll soon have one last look to make sure this patch doesn't introduce any 
problem before committing it. But if someone else want to review it, any comments 
will be welcome.

[2012-06-07 13:32 UTC] pierrick@php.net

The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339075946
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339075946

[2012-06-07 15:59 UTC] pierrick@php.net

Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)

[2012-06-07 16:24 UTC] pierrick@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

[2012-06-07 16:24 UTC] pierrick@php.net

-Status: Assigned +Status: Closed

[2012-06-07 22:05 UTC] mattficken@php.net

This fails for me with 5.4.5-dev on Windows 7.

The diff when I run it:
001+ string(4) ""ini"
002+ string(4) ""ini"
001- string(7) "ini;raw"
002- string(8) ""ini;raw"

[2012-06-08 01:21 UTC] pierrick@php.net

This is strange, it's working well on my side. I'm on Linux but this kind of things should not change. Could you please verify that you have the last version of the 
Zend/zend_ini_scanner_defs.h and Zend/zend_ini_scanner.c files (they were committed just after the .l).

You could regenerate those files using this command : 
re2c --case-inverted -cbdFt Zend/zend_ini_scanner_defs.h -oZend/zend_ini_scanner.c Zend/zend_ini_scanner.l

to see if you have any differences

Thanks

[2012-06-08 18:37 UTC] mattficken@php.net

I think thats it.

The build where it was failing for me was r8779a9a, but it now passes on a build of the newer rd24d5b6.

[2013-08-29 06:57 UTC] kristo at waher dot net

Related To: Bug #65568

[2014-10-07 23:24 UTC] stas@php.net

Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)

[2014-10-07 23:35 UTC] stas@php.net

Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)

[2015-07-21 12:11 UTC] as at crcl dot com

This bug is reproducible again. Tested on PHP 5.6.11

[2018-08-08 11:26 UTC] arekm at maven dot pl

If that's still true then report new bugreport because developers rarely read comments for old bugs.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Oct 25 02:00:01 2025 UTC