php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #53528 eval is not correctly catching parse error
Submitted: 2010-12-12 18:30 UTC Modified: 2010-12-13 10:30 UTC
From: php at dynamicplus dot it Assigned:
Status: Not a bug Package: Scripting Engine problem
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: php at dynamicplus dot it
New email:
PHP Version: OS:

 

 [2010-12-12 18:30 UTC] php at dynamicplus dot it 
Description:
------------
---
From manual page: http://www.php.net/function.eval#Return Values
---

eval() shoud return FALSE in case of parse error.

In this example crashes completely with a fatal error, executing
a dead portion of code. A return should terminate the eval script as soon
as is encountered.

Seems to be a compilation problem.

Test script:
---------------
<?php

  $return = eval( 'return TRUE; /* should never come here */ WrongAssignment() = 1234;' );

?>

Expected result:
----------------
$return should be FALSE as there is a PARSE ERROR (from manual: "If there is a 
parse error in the evaluated code, eval() returns FALSE and execution of the 
following code continues normally.").

But the parse error is not detected and in this case $return should be TRUE,
as the first block simply returns TRUE and the rest is dead-code.

Actual result:
--------------
Fatal error: Can't use function return value in write context in 
/Users/dynamicplus/eval-demo.php(3) : eval()'d code on line 1

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-12-13 10:08 UTC] aharvey@php.net
-Status: Open +Status: Bogus
 [2010-12-13 10:08 UTC] aharvey@php.net 
That's a runtime fatal error, not a parse error, and hence results in
the script execution halting, as per the second note on the eval()
manual page.
 [2010-12-13 10:23 UTC] php at dynamicplus dot it 
CORRECT FATAL ERROR...
<?php

  return 1; // exits here
  fatalUndefinedFunction();

?>

macbook-air:~ dynamicplus$ php -l lint-test1.php 
No syntax errors detected in lint-test1.php
macbook-air:~ dynamicplus$ php lint-test1.php 

Fatal error: Call to undefined function fatalUndefinedFunction() in 
/Users/dynamicplus/lint-test1.php on line 3


------

WRONG FATAL ERROR....
<?php

  return TRUE; // dies completely?
  wrongAssigment() = FALSE;
 
?>

macbook-air:~ dynamicplus$ php lint-test1.php 

Fatal error: Can't use function return value in write context in 
/Users/dynamicplus/lint-test1.php on line 4



macbook-air:~ dynamicplus$ php -l lint-test1.php 

Fatal error: Can't use function return value in write context in lint-test1.php 
on line 4
Errors parsing lint-test1.php

LINT is telling is a PARSE ERROR...
LINT SHOULD not execute code but only check syntax, or not?
 [2010-12-13 10:30 UTC] php at dynamicplus dot it 
new_op_array = zend_compile_string(&pv, string_name TSRMLS_CC);

line 1175 of main/zend_execute_API.c

this never returns handle of opCodes to compiled php-string nor null
but dies directly.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 19 15:01:31 2024 UTC