php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #79899 assert() is not binary-safe
Submitted: 2020-07-26 18:14 UTC Modified: 2021-03-12 11:25 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: fpoirotte+php-bugs at gmail dot com Assigned: cmb (profile)
Status: Wont fix Package: PHP options/info functions
PHP Version: 7.4.8 OS: Debian GNU/Linux Bullseye
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
1 + 38 = ?
Subscribe to this entry?

 
 [2020-07-26 18:14 UTC] fpoirotte+php-bugs at gmail dot com 
Description:
------------
The $description argument of assert() is not binary-safe.
When the description is displayed, it will get truncated at the first null (\0) byte.

Test script:
---------------
<?php

// run with: php -d zend.assertions=1 -f /tmp/test.php

error_reporting(E_ALL);
ini_set("display_errors", 1);
assert_options(ASSERT_ACTIVE, true);
assert_options(ASSERT_WARNING, true);

assert(false, "foo\000bar");

Expected result:
----------------
Warning: assert(): foobar failed in /tmp/test.php on line 10

Actual result:
--------------
Warning: assert(): foo failed in /tmp/test.php on line 10

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-07-27 15:27 UTC] cmb@php.net
-Package: Unknown/Other Function +Package: PHP options/info functions
 [2021-03-12 11:25 UTC] cmb@php.net
-Status: Open +Status: Wont fix -Assigned To: +Assigned To: cmb
 [2021-03-12 11:25 UTC] cmb@php.net 
Using assert_options() is discouraged as of PHP 7.0.0, and I don't
see any valid reason not to enable assert.exception (what is
actually the default as of PHP 8.0.0), since assertions are a
development feature, and a failing assertion hints at a
programming error.  The exception shows the full description, so
there is no issue, besides that there is no good reason to include
NUL bytes in the description in the first place.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 14:01:30 2024 UTC