php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74556 stream_socket_get_name returns \0 string instead of false
Submitted: 2017-05-08 15:32 UTC Modified: 2017-10-07 14:41 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: cpuidle at gmx dot de Assigned: pollita
Status: Closed Package: Streams related
PHP Version: 7.1.7 OS: macOS
Private report: No CVE-ID:
 [2017-05-08 15:32 UTC] cpuidle at gmx dot de
Description:
------------
When using UNIX sockets, php returns string(1) ''.\\0.'' for client side socket name of a client socket instead of false. 

See https://3v4l.org/VStV6

Internally, stream_socket_get_name (https://lxr.room11.org/xref/php-src%407.1/ext/standard/streamsfuncs.c) calls php_stream_xport_get_name (https://lxr.room11.org/source/s?refs=php_stream_xport_get_name&project=php-src@7.1).

The observed \0 string seems to be a returned empty C string buffer not further checked?

Test script:
---------------
<?php

$s = stream_socket_server('unix:///tmp/demo.sock');
$c = stream_socket_client('unix:///tmp/demo.sock');

var_dump(
    stream_socket_get_name($s, true),
    stream_socket_get_name($c, false)
);

Expected result:
----------------
bool(false)
bool(false)

Actual result:
--------------
bool(false)
string(1) ""

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-05-28 15:52 UTC] pollita@php.net
Automatic comment on behalf of pollita
Revision: http://git.php.net/?p=php-src.git;a=commit;h=8dcfec9789b4792f7b6b25673274b74bae71b512
Log: Bugfix #74556 stream_socket_get_name() returns empty string
 [2017-05-28 15:52 UTC] pollita@php.net
-Status: Open +Status: Closed
 [2017-10-07 10:28 UTC] cpuidle at gmx dot de
@pollita@php.net would you kindly explain why this bug has been closed without any comment? I've tried to provide every analysis I could including PHP sources. 

Doesn't that at least deserve a small token of appreciation like an answer?

Disappointed with the culture :(
 [2017-10-07 10:38 UTC] requinix@php.net
-Assigned To: +Assigned To: requinix
 [2017-10-07 10:38 UTC] requinix@php.net
It was closed because it was fixed. And there *was* a comment for that - it was automatic so sorry if you wanted something more personal.
 [2017-10-07 10:40 UTC] requinix@php.net
-Assigned To: requinix +Assigned To: pollita
 [2017-10-07 10:42 UTC] spam2 at rhsoft dot net
What is your problem?

There was a bugfix commited including a changelog entry pointing to this Bugreport - so what about you are whining?
 [2017-10-07 10:49 UTC] cpuidle at gmx dot de
> It was closed because it was fixed. And there *was* a comment for that - it was automatic so sorry if you wanted something more personal.

Great. My mistake I didn't notice that- had expected it in the "changes" section, sorry for the confusion.

> What is your problem? There was a bugfix commited including a changelog entry pointing to this Bugreport - so what about you are whining?

I think that's the exact tone that doesn't attract people. If you read my comment you'll notice it wasn't rude...
 [2017-10-07 10:55 UTC] spam2 at rhsoft dot net
"disappointed with the culture" when the fix was commited to 20 days after the report and within nearly 5 months you are NOT willing to read the existing comments or even update php where you would have seen it fixed and in the NEWS file *is rude*
 [2017-10-07 12:54 UTC] cpuidle at gmx dot de
Mhm. The bug is in the changelog for 7.1.7 but I'm still seeing it (or something similar) in 7.1.8.

It has actually gotten worse (test case from this issue):

/Users/Documents/htdocs/vz/sock.php:8:
bool(false)
/Users/Documents/htdocs/vz/sock.php:8:
string(15) "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"

Instead of string(1) there's now a string(15) returned.

@Harald: I'll discontinue the side discussion with you.
 [2017-10-07 13:25 UTC] kelunik@php.net
@rhsoft: Please stop with your tone. cpuidle simply missed a comment, which is probably caused by bugs.php.net's sub-optimal interface. It's nothing about willingness or something like that, it simply got missed.
 [2017-10-07 13:26 UTC] kelunik@php.net
-Status: Closed +Status: Re-Opened
 [2017-10-07 13:26 UTC] kelunik@php.net
Re-opening, as behavior got worse.
 [2017-10-07 13:27 UTC] pollita@php.net
-Status: Re-Opened +Status: Closed
 [2017-10-07 13:27 UTC] pollita@php.net
3v4l disagrees with you: https://3v4l.org/VStV6
 [2017-10-07 13:51 UTC] kelunik@php.net
-Status: Closed +Status: Re-Opened -Operating System: OSX +Operating System: macOS -PHP Version: 7.1.4 +PHP Version: 7.1.7
 [2017-10-07 13:51 UTC] kelunik@php.net
It's still buggy on macOS, confirmed by bwoebi with yesterday's master.

Output
------

bool(false)
string(15) ""
 [2017-10-07 14:05 UTC] pollita@php.net
Yep.  I just got done making a better repro and it looks like MacOS is just ever so slightly posix non-compliant here.  The spec still says any leading null byte should be considered abstract though, so I'll just check the check from len==0 to len==0 || *val=0 and should be gtg.
 [2017-10-07 14:15 UTC] pollita@php.net
Automatic comment on behalf of pollita
Revision: http://git.php.net/?p=php-src.git;a=commit;h=843e492c6816fa18eff83a7a3e8c370531796912
Log: Bugfix #74556 stream_socket_get_name() returns null bytes on MacOS
 [2017-10-07 14:15 UTC] pollita@php.net
-Status: Re-Opened +Status: Closed
 [2017-10-07 14:16 UTC] pollita@php.net
=============
ATTENTION!!!!
=============

THIS BUG HAS BEEN FIXED (we hope).
PLEASE REFERENCE THE ABOVE LINK TO GIT.PHP.NET FOR DETAILS ABOUT THE FIX.

=============
ATTENTION!!!!
=============
 [2017-10-07 14:21 UTC] cpuidle at gmx dot de
@kelunik was faster than me and @pollita ever faster at fixing.

Much appreciated, thank you :)
 [2017-10-07 14:41 UTC] pollita@php.net
You're welcome, and for the record: Thank you for the detailed bug report.  It was the details which meant it was (initially) fixed in 20 days instead of 200. :)
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Tue Aug 29 15:01:52 2017 UTC