ID:               43614
User updated by:  dmitriy dot buldakov at toatech dot com
Reported By:      dmitriy dot buldakov at toatech dot com
Status:           Open
Bug Type:         Arrays related
Operating System: Mac OS X
PHP Version:      5.2.5
 New Comment:

The last patch works much better, but there is still a problem.

The patch ignores leading spaces.

For example, keys ' 10' and ' -10' are converted to integers 10 and -10.


Previous Comments:
------------------------------------------------------------------------

[2007-12-17 13:54:07] [EMAIL PROTECTED]

Yes, correct. I used an unsuitable function. Tony alerted me to a
correct function.

http://ecl.zoone.com.br/etc/patches/bug43614.patch
http://ecl.zoone.com.br/etc/patches/bug43614.phpt

------------------------------------------------------------------------

[2007-12-17 13:38:13] dmitriy dot buldakov at toatech dot com

Looks like the simple solution is not very good.
As far as I understand, the patch just converts any numeric string to
long.

It is not the right way because:
1) it does not make a range check ("9999999999" is converted to
2147483647)
2) it does not recognize negative values ("-10" is not converted to
string)
3) it ignores leading zeros ("01" to 1)

For example, the result of the reproduce code is still not as expected:

1
Array
(
   [10] => 3
   [1] => 2
   [01] => 4
)
KEY: int(10)
VAL: int(3)

KEY: int(1)
VAL: int(2)

KEY: string(2) "01"
VAL: int(4)

------------------------------------------------------------------------

[2007-12-17 12:00:02] [EMAIL PROTECTED]

Hmm, ok, arbitrary string...

Simple solution:

Index: var_unserializer.c
===================================================================
RCS file: /repository/php-src/ext/standard/var_unserializer.c,v
retrieving revision 1.70.2.4.2.7.2.3
diff -u -u -r1.70.2.4.2.7.2.3 var_unserializer.c
--- var_unserializer.c  17 Oct 2007 10:36:33 -0000     
1.70.2.4.2.7.2.3
+++ var_unserializer.c  17 Dec 2007 11:58:43 -0000
@@ -282,6 +282,10 @@
                        return 0;
                }
 
+               if (Z_TYPE_P(key) == IS_STRING &&
strspn(Z_STRVAL_P(key), "0123456789") == Z_STRLEN_P(key)) {
+                       convert_to_long(key);
+               }
+
                switch (Z_TYPE_P(key)) {
                        case IS_LONG:
                                if (zend_hash_index_find(ht,
Z_LVAL_P(key), (void **)&old_data)==SUCCESS) {
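
Review bot: the strspn(Z_STRVAL_P(key), "0123456789") == Z_STRLEN_P(key) test on the added if accepts every all-digit string, so it also converts keys with a leading zero such as "01" and an empty key (0 == 0), and convert_to_long() is called with no check that the value fits in a long. A negative key such as "-10" fails the test and stays a string. Restrict the conversion to non-empty canonical decimal integers (optional leading '-', no leading zero unless the key is exactly "0") that fit in a long, and leave every other key as IS_STRING. A one-line comment above the if stating that rule would help the next reader.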


------------------------------------------------------------------------

[2007-12-17 08:24:21] dmitriy dot buldakov at toatech dot com

The bug also can be reproduced under FreeBSD 6.2

------------------------------------------------------------------------

[2007-12-17 08:14:35] dmitriy dot buldakov at toatech dot com

Description:
------------
PHP converts numeric strings in array keys to integers if possible.

PHP 4 converts those strings during unserialize as well as during array
processing in PHP code.

PHP 5 converts those strings during array processing in PHP code only, and
does not convert them when unserializing a string.

As a result, an unserialized array can contain fake elements.
For example, there is no way to get access to the element by a key.

Reproduce code:
---------------
<?php 
 
$a = unserialize('a:2:{s:2:"10";i:1;s:2:"01";i:2;}'); 
 
print $a['10']."\n";

$a['10'] = 3; 
$a['01'] = 4; 

print_r($a);

foreach ($a as $k => $v) 
{ 
  print 'KEY: '; 
  var_dump($k); 
  print 'VAL: '; 
  var_dump($v); 
  print "\n"; 
} 
 
?>

Expected result:
----------------
Dmitriy-Buldakov:~ dmitry$ php4 test.php
1
Array
(
    [10] => 3
    [01] => 4
)
KEY: int(10)
VAL: int(3)
 
KEY: string(2) "01"
VAL: int(4)
 
Dmitriy-Buldakov:~ dmitry$


Actual result:
--------------
Dmitriy-Buldakov:~ dmitry$ php5 test.php
PHP Notice:  Undefined index:  10 in /Users/dmitry/test.php on line 5
 
Notice: Undefined index:  10 in /Users/dmitry/test.php on line 5
 
Array
(
    [10] => 1
    [01] => 4
    [10] => 3
)
KEY: string(2) "10"
VAL: int(1)
 
KEY: string(2) "01"
VAL: int(4)
 
KEY: int(10)
VAL: int(3)

Dmitriy-Buldakov:~ dmitry$


------------------------------------------------------------------------
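
The objections raised in the comments above (no range check, negative values, leading zeros, leading spaces) add up to one test: a key string may become an integer key only if it is the canonical decimal spelling of an in-range integer. The sketch below is an example added here, not code from php-src or from either patch; the name canonical_int_key and the fixed 32-bit range (matching the 2147483647 seen in the report) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not a php-src function. Returns 1 and stores the value
 * only when s[0..len) is the canonical decimal spelling of an integer in the
 * 32-bit range seen in the report; "01", " 10", "-0", "" and "9999999999"
 * all return 0, meaning the key must stay a string. */
static int canonical_int_key(const char *s, size_t len, int32_t *out)
{
    size_t i = 0;
    int neg = 0;
    int64_t acc = 0;    /* wide accumulator so overflow is detected, not wrapped */

    if (len > 0 && s[0] == '-') {
        neg = 1;
        i = 1;
    }
    if (i == len)
        return 0;       /* "" or a lone "-" */
    if (s[i] == '0' && (neg || len - i > 1))
        return 0;       /* leading zero, or "-0" */
    for (; i < len; i++) {
        if (s[i] < '0' || s[i] > '9')
            return 0;   /* space, '+', letters, embedded NUL */
        acc = acc * 10 + (s[i] - '0');
        if (acc > (int64_t)INT32_MAX + 1)
            return 0;   /* out of range: reject instead of clamping */
    }
    if (!neg && acc > INT32_MAX)
        return 0;
    *out = (int32_t)(neg ? -acc : acc);
    return 1;
}

int main(void)
{
    /* Key strings quoted in the comments of this report. */
    const char *keys[] = { "10", "01", "-10", " 10", " -10", "9999999999" };
    size_t n;
    for (n = 0; n < sizeof keys / sizeof keys[0]; n++) {
        int32_t v = 0;
        if (canonical_int_key(keys[n], strlen(keys[n]), &v))
            printf("\"%s\" -> int(%d)\n", keys[n], (int)v);
        else
            printf("\"%s\" -> string key\n", keys[n]);
    }
    return 0;
}
```

The length is passed explicitly because serialized string keys carry their own length and may contain NUL bytes, which the digit check rejects.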


-- 
Edit this bug report at http://bugs.php.net/?id=43614&edit=1
