php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72131 Calling number_format(null) causes curl to not decode chunks
Submitted: 2016-04-29 22:46 UTC Modified: 2016-05-02 08:57 UTC
From: andre at webkr dot de Assigned:
Status: Not a bug Package: cURL related
PHP Version: 5.5.35 OS: Linux
Private report: No CVE-ID: None
 [2016-04-29 22:46 UTC] andre at webkr dot de
Description:
------------
This bug exists in PHP 5.5.35, PHP 5.6.21 and PHP 7.0.6.

When you make repeated curl requests to a server that returns the answer chunked-encoded, those requests start to fail with the error "Problem (2) in the Chunked-Encoded data" as soon as you call `number_format(null)`.

Admittedly `number_format(null)` makes no sense, but it throws no error either.

When you call `number_format(null)` a second time, cURL can decode chunks again, a third time again brings the error, and so on.

Test script:
---------------
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://localhost/'); // This URL must return a chunked response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

for($i = 0 ; $i < 10 ; $i++)
{
	$result = curl_exec($ch);
	
	var_dump($result);
	var_dump(curl_error($ch));

	if($i >= 2) {
		echo "\n" . 'number_format(null) called' . "\n";
		number_format(null);
	}
	
	echo "\n";
}


Expected result:
----------------
(Created by requesting a URL that does not respond in chunks)

string(2) "OK"
string(0) ""

string(2) "OK"
string(0) ""

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

Actual result:
--------------
string(2) "OK"
string(0) ""

string(2) "OK"
string(0) ""

string(2) "OK"
string(0) ""

number_format(null) called

bool(false)
string(39) "Problem (2) in the Chunked-Encoded data"

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

bool(false)
string(39) "Problem (2) in the Chunked-Encoded data"

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

bool(false)
string(39) "Problem (2) in the Chunked-Encoded data"

number_format(null) called

string(2) "OK"
string(0) ""

number_format(null) called

bool(false)
string(39) "Problem (2) in the Chunked-Encoded data"

number_format(null) called

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-04-29 23:05 UTC] andre at webkr dot de
Here's a Dockerfile that reproduces the bug and a little server (in Go) that returns chunked responses:

https://github.com/AndreKR/php-bug-72131
 [2016-04-30 05:34 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2016-04-30 05:34 UTC] pajoye@php.net
number_format(null); is the same than number_format(0); except if strict_types=1 is used. And nothing in the number_format function affects something in the current context or globally.

(see http://lxr.php.net/xref/PHP_MASTER/ext/standard/math.c#1275)

Only to confirm the issue, the problem disappears if you remove the if ($i >= 2) block altogether right?
 [2016-04-30 05:50 UTC] andre at webkr dot de
Indeed the problem exists with number_format(0), too.

So that is:

number_format(null) -> problem
number_format(0) -> problem
number_format(1) -> no problem
// number_format(0) -> no problem
 [2016-05-02 08:33 UTC] mike@php.net
I can hardly think of any relation, but I have another problem: I cannot locate this error message; what version of libcurl are you using?
 [2016-05-02 08:38 UTC] mike@php.net
Also, cannot reproduce locally (didn't try the Dockerfile).
 [2016-05-02 08:56 UTC] mike@php.net
-Status: Feedback +Status: Not a bug -Package: Reproducible crash +Package: cURL related
 [2016-05-02 08:56 UTC] mike@php.net
Oookay, so doing a web search for the error message revealed:

https://curl.haxx.se/mail/lib-2015-03/0111.html

Looks like you have to upgrade libcurl or file a bug report against the maintainer of your PHP distribution.
 [2016-05-02 08:57 UTC] mike@php.net
Err, actually file a bug for libcurl of your distribution.
 [2016-05-02 09:01 UTC] andre at webkr dot de
It's the one that comes with PHP in Ubuntu 14.04:

curl

cURL support => enabled
cURL Information => 7.35.0
[...]
Host => x86_64-pc-linux-gnu
SSL Version => OpenSSL/1.0.1f
ZLib Version => 1.2.8
 [2016-05-02 09:17 UTC] andre at webkr dot de
I see, so this "errno" variable is shared between PHP and cURL?
 [2016-05-03 08:09 UTC] a at b dot c dot de
It's part of standard C (included via errno.h)

http://linux.die.net/man/3/errno
 [2016-09-07 18:40 UTC] joe dot afflerbach+php at sevenval dot com
Fixed in Ubuntu 14.04 curl package 7.35.0-1ubuntu2.9, see https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1613698
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Sep 20 10:01:26 2019 UTC