|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61770 Crash on nonunicode character
Submitted: 2012-04-18 23:31 UTC Modified: 2013-11-19 03:04 UTC
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: phpbug at kartio dot org Assigned: bd808 (profile)
Status: Closed Package: yaml (PECL)
PHP Version: 5.3.10 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
26 - 23 = ?
Subscribe to this entry?

 [2012-04-18 23:31 UTC] phpbug at kartio dot org
Will crash on some character sequences that are not valid unicode. Trying to print same character with valid utf-8 sequence doesn't crash.

Test script:

Actual result:
PHP Warning:  yaml_emit(): Memory error: Not enough memory for creating an event (libyaml) in php shell code on line 1

*** glibc detected *** /usr/bin/php: double free or corruption (fasttop): 0x09537278 ***
======= Backtrace: =========


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2012-04-30 03:57 UTC]
-Status: Open +Status: Verified -Assigned To: +Assigned To: bd808
 [2012-04-30 05:48 UTC]
Looks like this is an issue interacting with the underlying libyaml library. There is a note in the writer.c source file that says "Note that we assume that the buffer contains a valid UTF-8 sequence." Currently the extension makes no attempt to validate/cleanse the php input string prior to passing it to libyaml.

This could be handled in a couple of ways:
- document the need to ensure valid UTF-8 input
- depend on iconv and ensure valid encoding inside the yaml extension
 [2012-05-03 16:15 UTC] alpacagm at gmail dot com
Corresponding ticket in libyaml bugtracker looks dead.
 [2013-04-19 04:22 UTC]
-Status: Verified +Status: Wont fix
 [2013-11-19 02:17 UTC]
-Status: Wont fix +Status: Re-Opened
 [2013-11-19 02:17 UTC]
Crashing just because the upstream library has a bug isn't acceptable. I need to fix this.

Behavior similar to json_encode() for the same input would be acceptable:

    $ php -r 'var_dump(json_encode("\xc2"));'
    PHP Warning:  json_encode(): Invalid UTF-8 sequence in argument in Command line code on line 1
    string(4) "null"
 [2013-11-19 03:04 UTC]
-Status: Re-Opened +Status: Closed
 [2013-11-19 03:04 UTC]
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at

 For Windows:
Thank you for the report, and for helping us make PHP better.

 [2013-11-19 05:46 UTC]
Patch included in 1.1.1 release.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 17:01:31 2024 UTC