php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73434 Null byte at end of array keys in getLastResponseInfo
Submitted: 2016-11-01 13:10 UTC Modified: 2017-10-24 06:07 UTC
Votes:3
Avg. Score:4.0 ± 0.8
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: m at mhn dot me Assigned:
Status: Open Package: oauth (PECL)
PHP Version: 7.0.12 OS: Ubuntu 16.04
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2016-11-01 13:10 UTC] m at mhn dot me
Description:
------------
On a completely blank Ubuntu 16.04 server:

apt install php7.0 php7.0-dev php-pear
pecl install oauth-2.0.2
echo "extension=oauth.so" > /etc/php/7.0/cli/conf.d/20-oauth.ini

Paste the following in to a file named test.php:

```
<?php

$o = new OAuth("foo", "bar", OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
try {
	$o->fetch("http://example.com/", null, OAUTH_HTTP_METHOD_GET);
} catch (Exception $e){}

$fullInfo = $o->getLastResponseInfo();

foreach(array_keys($fullInfo) as $key) {
	echo str_pad($key, 30);
	$split = str_split($key);
	foreach ($split as $chr) {
		echo str_pad(ord($chr), 4);
	}
	echo PHP_EOL;
}

$testString = "test";
echo str_pad($testString, 30);
$split = str_split($testString);
foreach ($split as $chr) {
	echo str_pad(ord($chr), 4);
}
echo PHP_EOL;
```

php test.php

```
http_code                    104 116 116 112 95  99  111 100 101 0   
content_type                 99  111 110 116 101 110 116 95  116 121 112 101 0   
url                          117 114 108 0   
header_size                  104 101 97  100 101 114 95  115 105 122 101 0   
request_size                 114 101 113 117 101 115 116 95  115 105 122 101 0   
filetime                     102 105 108 101 116 105 109 101 0   
ssl_verify_result            115 115 108 95  118 101 114 105 102 121 95  114 101 115 117 108 116 0   
redirect_count               114 101 100 105 114 101 99  116 95  99  111 117 110 116 0   
total_time                   116 111 116 97  108 95  116 105 109 101 0   
namelookup_time              110 97  109 101 108 111 111 107 117 112 95  116 105 109 101 0   
connect_time                 99  111 110 110 101 99  116 95  116 105 109 101 0   
pretransfer_time             112 114 101 116 114 97  110 115 102 101 114 95  116 105 109 101 0   
size_upload                  115 105 122 101 95  117 112 108 111 97  100 0   
size_download                115 105 122 101 95  100 111 119 110 108 111 97  100 0   
speed_download               115 112 101 101 100 95  100 111 119 110 108 111 97  100 0   
speed_upload                 115 112 101 101 100 95  117 112 108 111 97  100 0   
download_content_length      100 111 119 110 108 111 97  100 95  99  111 110 116 101 110 116 95  108 101 110 103 116 104 0   
upload_content_length        117 112 108 111 97  100 95  99  111 110 116 101 110 116 95  108 101 110 103 116 104 0   
starttransfer_time           115 116 97  114 116 116 114 97  110 115 102 101 114 95  116 105 109 101 0   
redirect_time                114 101 100 105 114 101 99  116 95  116 105 109 101 0   
headers_recv                 104 101 97  100 101 114 115 95  114 101 99  118 0   
test                          116 101 115 116
```

Note the 0/NULL character at the end of every row except the manually added "test" row. You can also see that the NULL byte messed with the string padding since it's invisible.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-11-01 14:57 UTC] m at mhn dot me
Hey guys,

I've been reading the source and it seems that the CAAL, CAAD and CAAS definitions in php_oauth.h might be the culprit.

#define CAAL(s, v) add_assoc_long_ex(&info, s, sizeof(s), (long) v);
#define CAAD(s, v) add_assoc_double_ex(&info, s, sizeof(s), (double) v);
#define CAAS(s, v) add_assoc_string_ex(&info, s, sizeof(s), (char *) (v ? v : ""));

If I change these to the following then it seems to work:

#define CAAL(s, v) add_assoc_long_ex(&info, s, sizeof(s) - 1, (long) v);
#define CAAD(s, v) add_assoc_double_ex(&info, s, sizeof(s) - 1, (double) v);
#define CAAS(s, v) add_assoc_string_ex(&info, s, sizeof(s) - 1, (char *) (v ? v : ""));

All the tests pass as well.


Regards,
Matthew Hotchen
 [2016-11-02 09:56 UTC] cmb@php.net
-Status: Open +Status: Analyzed -Assigned To: +Assigned To: seander
 [2016-11-02 09:56 UTC] cmb@php.net
Yes, that needs to be fixed like in ext/curl[1].

Assigning to maintainer.

[1] <https://github.com/php/php-src/commit/c5e63f8a63b03b52cae35906625497bd17592c4e>
 [2017-10-24 05:13 UTC] kalle@php.net
-Status: Analyzed +Status: Assigned
 [2017-10-24 06:07 UTC] kalle@php.net
-Status: Assigned +Status: Open -Assigned To: seander +Assigned To:
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC