#48379 [NEW]: Bogus value in variables leaked from POST or SESSION

Sun, 24 May 2009 20:37:55 -0700 

From:             anchoa at cardumen dot info
Operating system: linux
PHP version:      5.2.9
PHP Bug Type:     Variables related
Bug description:  Bogus value in variables leaked from POST or SESSION

Description:
------------
Variables that have the same name as an associative POST or SESSION 
variable are assigned their values, For example, if $_SESSION['v1'] == 
"abcd", $v1 is assigned "abcd" instead of being left undefined. 

Reproduce code:
---------------
See:

http://testing.cardumen.com/session-bug.php


Expected result:
----------------
The right behavior is for the four variables  v1, v2, v3, and v4 to 
remain undefined.

Actual result:
--------------
Enter some data in text fields v1, v2, v3, and v4

Variables $v1, $v2, $v3, and $v4 will be assigned the values leaked from 
$_SESSION['v1'], $_SESSION['v2'], $_SESSION['v3'], and $_SESSION['v4'], 

If you comment out session_start(); and or $_SESSION = $_POST; the 
values will be leaked from $_POST.





-- 
Edit bug report at http://bugs.php.net/?id=48379&edit=1
-- 
Try a CVS snapshot (PHP 5.2):        
http://bugs.php.net/fix.php?id=48379&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):        
http://bugs.php.net/fix.php?id=48379&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):        
http://bugs.php.net/fix.php?id=48379&r=trysnapshot60
Fixed in CVS:                        
http://bugs.php.net/fix.php?id=48379&r=fixedcvs
Fixed in CVS and need be documented: 
http://bugs.php.net/fix.php?id=48379&r=needdocs
Fixed in release:                    
http://bugs.php.net/fix.php?id=48379&r=alreadyfixed
Need backtrace:                      
http://bugs.php.net/fix.php?id=48379&r=needtrace
Need Reproduce Script:               
http://bugs.php.net/fix.php?id=48379&r=needscript
Try newer version:                   
http://bugs.php.net/fix.php?id=48379&r=oldversion
Not developer issue:                 
http://bugs.php.net/fix.php?id=48379&r=support
Expected behavior:                   
http://bugs.php.net/fix.php?id=48379&r=notwrong
Not enough info:                     
http://bugs.php.net/fix.php?id=48379&r=notenoughinfo
Submitted twice:                     
http://bugs.php.net/fix.php?id=48379&r=submittedtwice
register_globals:                    
http://bugs.php.net/fix.php?id=48379&r=globals
PHP 4 support discontinued:          http://bugs.php.net/fix.php?id=48379&r=php4
Daylight Savings:                    http://bugs.php.net/fix.php?id=48379&r=dst
IIS Stability:                       
http://bugs.php.net/fix.php?id=48379&r=isapi
Install GNU Sed:                     
http://bugs.php.net/fix.php?id=48379&r=gnused
Floating point limitations:          
http://bugs.php.net/fix.php?id=48379&r=float
No Zend Extensions:                  
http://bugs.php.net/fix.php?id=48379&r=nozend
MySQL Configuration Error:           
http://bugs.php.net/fix.php?id=48379&r=mysqlcfg

Reply via email to