Bug #67069 substr_compare() returns incorrect results when using default length
Submitted: 2014-04-13 22:42 UTC Modified: 2014-04-13 23:06 UTC
From: nachms+php at gmail dot com Assigned:
Status: Duplicate Package: Strings related
PHP Version: 5.5.11 OS: Linux
Private report: No CVE-ID: None
 [2014-04-13 22:42 UTC] nachms+php at gmail dot com
PHP in 5.5.11 is returning incorrect results from substr_compare() when length is left as the default setting. In 5.5.10, it worked correctly.

String checks returning equal when they are not equal is a security hole. Any application checking the end of a string to equal something, perhaps a user name, password, perhaps the extension on file types, or other file paths, is now going to think things are equal when they in fact are not.

The documentation for this function states, if the length parameter is not passed:
"The default value is the largest of the length of the str compared to the length of main_str less the offset."

Or in other words, max(main_str - offset, str), meaning it compares for whatever amount is left over in the two strings.

However, in the included test, it seems length is always being set to 0.

Test script:
<?php
// Each call omits the length argument, so the documented default applies.
echo substr_compare('Cows', 'ws', 2), "\n";
echo substr_compare('Cows', 'ws', -2), "\n";
echo substr_compare('Cows', 'ows', 3), "\n";
echo substr_compare('Cows', 'ows', -3), "\n";
echo substr_compare('Cows', 'aws', 3), "\n";
echo substr_compare('Cows', 'aws', -3), "\n";

Expected result:

Actual result:
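The following is an added example, not part of the bug report and not PHP project code. It models the documented default-length rule the reporter quotes, runs a small regression probe over the reporter's inputs (the 'aws' rows must never compare equal), and shows the suffix-check pattern the report warns about written with an explicit length so it does not depend on how a given build computes the default. The function names expected_default_length, probe_substr_compare and ends_with_suffix are this example's own.

```php
<?php
// Added example (not from the bug report): reference model of the documented
// default length, a regression probe, and a suffix check with explicit length.

// Documented default: max(strlen($str), strlen($main_str) - $offset), after a
// negative offset has been normalised to count from the end of $main_str.
function expected_default_length(string $main_str, string $str, int $offset): int
{
    if ($offset < 0) {
        $offset = max(0, strlen($main_str) + $offset);
    }
    return max(strlen($str), strlen($main_str) - $offset);
}

// Regression probe: rows are [main_str, str, offset, should_be_equal]. The
// inputs mirror the reporter's script. Two checks per row: the default-length
// call must agree with the explicit-length call, and it must match the known
// truth ('aws' is not a suffix of 'Cows'). Returns a list of failure messages.
function probe_substr_compare(): array
{
    $cases = [
        ['Cows', 'ws',   2, true],
        ['Cows', 'ws',  -2, true],
        ['Cows', 'aws',  3, false],
        ['Cows', 'aws', -3, false],
    ];
    $failures = [];
    foreach ($cases as [$main, $sub, $off, $equal]) {
        $byDefault  = substr_compare($main, $sub, $off) === 0;
        $byExplicit = substr_compare($main, $sub, $off,
            expected_default_length($main, $sub, $off)) === 0;
        if ($byDefault !== $byExplicit || $byDefault !== $equal) {
            $failures[] = sprintf(
                "substr_compare('%s', '%s', %d): default=%s explicit=%s expected=%s",
                $main, $sub, $off,
                $byDefault ? 'equal' : 'differ',
                $byExplicit ? 'equal' : 'differ',
                $equal ? 'equal' : 'differ'
            );
        }
    }
    return $failures;
}

// Hardened suffix check for the "does the name end with this extension"
// pattern from the report: length passed explicitly, case-sensitive, and a
// length guard so a subject shorter than the suffix can never match.
function ends_with_suffix(string $subject, string $suffix): bool
{
    $n = strlen($suffix);
    if ($n === 0 || strlen($subject) < $n) {
        return false;
    }
    return substr_compare($subject, $suffix, -$n, $n) === 0;
}

$fails = probe_substr_compare();
echo $fails
    ? "substr_compare default length is WRONG on this build:\n" . implode("\n", $fails) . "\n"
    : "substr_compare default length OK\n";

// Constructed inputs for the suffix check.
foreach (['report.png', 'report.php', 'png', 'archive.tar.png'] as $name) {
    printf("%-16s ends with .png? %s\n", $name, ends_with_suffix($name, '.png') ? 'yes' : 'no');
}
```

Running the probe on a build with the reported defect prints failure rows; on a correct build it prints the OK line. The practical mitigation for the file-extension and path checks the report mentions is the pattern in ends_with_suffix: pass the length explicitly so the comparison never exercises the default-length code path at all.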


 [2014-04-13 22:53 UTC]
-Type: Security +Type: Bug
 [2014-04-13 23:06 UTC]
-Status: Open +Status: Duplicate
 [2014-04-13 23:06 UTC]
Looks like dupe of #67043, at least I am not seeing problems after the fix is applied. Please reopen if you still see it after updating to latest code.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Mon Oct 02 06:01:24 2023 UTC