php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #75806 version_compare does strange things with string starting with "p"
Submitted: 2018-01-12 00:21 UTC Modified: 2018-01-13 18:33 UTC
From: ksours at internetbrands dot com Assigned:
Status: Re-Opened Package: PHP options/info functions
PHP Version: 7.0.27 OS:
Private report: No CVE-ID: None
 [2018-01-12 00:21 UTC] ksours at internetbrands dot com
Description:
------------
version_compare appears to treat any string starting with p at the pl=p level when doing comparisons, which is contrary to the documented behavior

Test script:
---------------
echo version_compare('1.0.0', '1.0.0ptotalgarbage');

Expected result:
----------------
1

Actual result:
--------------
-1

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-01-12 22:24 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Package: *General Issues +Package: PHP options/info functions -Assigned To: +Assigned To: cmb
 [2018-01-12 22:24 UTC] cmb@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

'1.0.0ptotalgarbage' is treated as '1.0.0.p.…', which is higher
than '1.0.0'.
 [2018-01-12 22:46 UTC] ksours at internetbrands dot com
This behavior is entirely unclear from the documentation, which I read in detail before reporting and again just now.  

It appears that the strings in the comparison list are treated as separate "parts" even if then occur within a larger non numeric string, but this is not mentioned anywhere and not clear.  Especially since it explicitly states that unrecognized strings in the version are handled: "any string not found in this list"

Actually poking it further there is some really unintuitive and undocumented behavior in how longer strings that contain the "known" version parts get interpreted in general:

version_compare('1.0.0xdev', '1.0.0xxxdevxxx'); // returns 0
version_compare('1.0.0xdev', '1.0.0xxxdev-xxx'); // returns 1

If this isn't a bug, then the documentation is inadequate.
 [2018-01-13 18:33 UTC] cmb@php.net
-Status: Not a bug +Status: Re-Opened -Assigned To: cmb +Assigned To:
 [2018-01-13 18:33 UTC] cmb@php.net
> '1.0.0ptotalgarbage' is treated as '1.0.0.p.…', […]

That's not correct.  Actually, it is treated as
'1.0.0.ptotalgarbage'.

> "any string not found in this list"

The current implementation does not check the full strings, but
rather the beginning of the string only.  In this case, it sees
'p' and totally ignores 'totalgarbage'.  Frankly, I don't know
whether it is supposed to work this way.
 [2022-11-30 06:46 UTC] asri dot jasemi152 at gmail dot com
I totally like your gave limits as the post you passed on has some information which is totally essential for me. I will endeavor to figure it out for extra. I'll be sure to keep an eye on this thread. (https://www.bklinkglobal.me/)github.com
 [2024-07-11 08:56 UTC] gary564jez at gmail dot com
Thanks for creating this.  (https://github.com)(https://www.floridabluefl.com)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 09 16:01:29 2024 UTC