php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61681 Malformed grammar
Submitted: 2012-04-09 15:33 UTC Modified: 2012-04-09 21:59 UTC
From: laruence@php.net Assigned: nikic
Status: Closed Package: *General Issues
PHP Version: 5.3.10 OS:
Private report: No CVE-ID:
 [2012-04-09 15:33 UTC] laruence@php.net
Description:
------------
if use '@', you can call function in a string substitution context.

Test script:
---------------
<?php
$la = "ooxx";

$a = "${@substr('laruence', 0, 2)}"; 

echo $a;

Expected result:
----------------
PHP Error: syntax error 

Actual result:
--------------
ooxx

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-04-09 15:34 UTC] laruence@php.net
-Assigned To: +Assigned To: dmitry
 [2012-04-09 15:34 UTC] laruence@php.net
Dmitry, do you think this is okey? 

or should we document this behavior?
 [2012-04-09 15:58 UTC] colder@php.net
This is typically a limitation of our grammar.

We accept ${ string_varname }
and ${ expr }

due to the fact that ${asd} is not accessing the variable named after the 
constant asd's value.

When the lexer looks at ${ function_call() } it finds ${ T_STRING_VARNAME() }

which will not parse. We might be able to fix it by looking ahead in the
<ST_LOOKING_FOR_VARNAME>{LABEL} { rule and detect cases where it should be a 
T_STRING, i.e if the char after it is either } [ or {.
 [2012-04-09 17:21 UTC] colder@php.net
Automatic comment on behalf of nikic
Revision: http://git.php.net/?p=php-src.git;a=commit;h=b233de098daceb145b9a5009b8861ebb9df5c961
Log: Fix bug #61681: Malformed grammar
 [2012-04-09 21:59 UTC] nikic@php.net
-Status: Assigned +Status: Closed -Assigned To: dmitry +Assigned To: nikic
 [2012-04-09 21:59 UTC] nikic@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-04-18 09:45 UTC] laruence@php.net
Automatic comment on behalf of nikic
Revision: http://git.php.net/?p=php-src.git;a=commit;h=b233de098daceb145b9a5009b8861ebb9df5c961
Log: Fix bug #61681: Malformed grammar
 [2012-07-24 23:36 UTC] rasmus@php.net
Automatic comment on behalf of nikic
Revision: http://git.php.net/?p=php-src.git;a=commit;h=b233de098daceb145b9a5009b8861ebb9df5c961
Log: Fix bug #61681: Malformed grammar
 [2013-11-17 09:32 UTC] laruence@php.net
Automatic comment on behalf of nikic
Revision: http://git.php.net/?p=php-src.git;a=commit;h=b233de098daceb145b9a5009b8861ebb9df5c961
Log: Fix bug #61681: Malformed grammar
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 16:02:23 2014 UTC