ID: 38378 Updated by: [EMAIL PROTECTED] Reported By: clemens at gutweiler dot net -Status: Open +Status: Closed Bug Type: WDDX related Operating System: Linux PHP Version: 4.4.3 New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2006-08-23 11:11:52] grzegorz dot nosek at netart dot pl You also need something like the patch below because serialization of plain integers is broken too. If you don't want to use full WDDX_BUF_LEN, Z_STRLEN(tmp) + Z_STRLEN(WDDX_NUMBER) (or something) might suffice. Without the patch things like <number>1</number> seem to get eaten. Trivial test case attached in the following diff. --- php/ext/wddx/wddx.c~ Wed Aug 23 12:01:10 2006 +++ php/ext/wddx/wddx.c Wed Aug 23 12:00:35 2006 @@ -432,7 +432,7 @@ tmp = *var; zval_copy_ctor(&tmp); convert_to_string(&tmp); - snprintf(tmp_buf, Z_STRLEN(tmp), WDDX_NUMBER, Z_STRVAL(tmp)); + snprintf(tmp_buf, WDDX_BUF_LEN, WDDX_NUMBER, Z_STRVAL(tmp)); zval_dtor(&tmp); php_wddx_add_chunk(packet, tmp_buf); --- /dev/null Fri Jun 28 13:33:12 2002 +++ php/ext/wddx/tests/bug38738.phpt Wed Aug 23 12:04:10 2006 @@ -0,0 +1,13 @@ +--TEST-- +Bug #38378 wddx_serialize_value geneates no wellformed xml +--FILE-- +<?php + +$hash["int"] = 1; +$hash["string"] = "test"; + +print wddx_serialize_vars('hash')."\n"; +?> +--EXPECT-- +<wddxPacket version='1.0'><header/><data><struct><var name='hash'><struct><var name='int'><number>1</number></var><var name='string'><string>test</string></var></struct></var></struct></data></wddxPacket> + ------------------------------------------------------------------------ [2006-08-21 14:36:48] sj at sjaensch dot org When replacing sprintf() with snprintf(), the length of the resulting string was calculated wrongly. Patch follows: --- php-4.4.3/ext/wddx/wddx.c Fri May 26 03:55:26 2006 +++ php-4.4.3-fixed/ext/wddx/wddx.c Mon Aug 21 16:30:44 2006 @@ -626,12 +626,13 @@ { char *tmp_buf; char *name_esc; - int name_esc_len; + int name_esc_len, tmp_buf_len; if (name) { name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES, NULL TSRMLS_CC); - tmp_buf = emalloc(name_esc_len + 1); - snprintf(tmp_buf, name_esc_len, WDDX_VAR_S, name_esc); + tmp_buf_len = name_esc_len + strlen(WDDX_VAR_S); + tmp_buf = emalloc(tmp_buf_len+1); + snprintf(tmp_buf, tmp_buf_len, WDDX_VAR_S, name_esc); php_wddx_add_chunk(packet, tmp_buf); efree(tmp_buf); efree(name_esc); ------------------------------------------------------------------------ [2006-08-17 13:06:20] hweidner at gmx dot net The function wddx_serialize_vars seems also affected: $array=array("aaa", "bbb", "ccc"); echo wddx_serialize_vars("array"); creates to the broken XML code unter PHP 4.4.3 <wddxPacket version='1.0'><header/><data><struct><var<array length='3'><string>aaa</string><string>bbb</string><string>ccc</string></array></var></struct></data></wddxPacket> ------------------------------------------------------------------------ [2006-08-08 09:57:13] clemens at gutweiler dot net Description: ------------ wddx_serialize_value generates an invalid wddx package/xml string. in php version 4.4.2 the sample code works, in 4.4.3 not. Reproduce code: --------------- <?php $array = array( 'index' => array( 1 => 'integer key', 'string' => 'string key' ) ); var_dump( wddx_serialize_value( $array ) ); ?> Expected result: ---------------- /web/cg/playground# /usr/local/php-4.4.2-fastcgi/bin/php wddx.php string(219) "<wddxPacket version='1.0'><header/ ><data><struct><var name='index'><struct><var name='1'><string>integer key</string></var><var name='string'><string>string key</string></var></struct></ var></struct></data></wddxPacket>" Actual result: -------------- /web/cg/playground# /usr/local/php-4.4.3-fastcgi/bin/php wddx.php string(179) "<wddxPacket version='1.0'><header/ ><data><struct><var <struct><string>integer key</string></ var><var n<string>string key</string></var></struct></var></ struct></data></wddxPacket>" ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=38378&edit=1
