From: herbert dot fischer at gmail dot com
Operating system: Linux RedHat AS3/AS4
PHP version: 5.2.0
PHP Bug Type: Strings related
Bug description: base64_decode's memory garbage
Description:
------------
I'm having issues trying to base64_decode the encoded string . I tested in
a lot of php and linux versions and on some got the error and on another
didn't. Mostly the problem seams to be on PHP 5.X
QkVHSU46VkNBTEVOREFSDQpQUk9ESUQ6LS8vR29vZ2xlIEluYy8vR29vZ2xlIENhbGVuZGFyIDcw
LjkwNTQvL0VODQpWRVJTSU9OOjIuMA0KQ0FMU0NBTEU6R1JFR09SSUFODQpNRVRIT0Q6UkVRVUVT
VA0KQkVHSU46VkVWRU5UDQpEVFNUQVJUOjIwMDYxMjE5VDIyMDAwMFoNCkRURU5EOjIwMDYxMjIw
VDAzMDAwMFoNCkRUU1RBTVA6MjAwNjEyMTlUMTc1NjA4Wg0KT1JHQU5JWkVSO0NOPUhlcmJlcnQg
RmlzY2hlcjpNQUlMVE86aGVyYmVydC5maXNjaGVyQGdtYWlsLmNvbQ0KVUlEOmI5dWdhNjdwMjNn
Z21ibG1uYW05bXM0bTlvQGdvb2dsZS5jb20NCkFUVEVOREVFO0NVVFlQRT1JTkRJVklEVUFMO1JP
TEU9UkVRLVBBUlRJQ0lQQU5UO1BBUlRTVEFUPUFDQ0VQVEVEO1JTVlA9VFJVRQ0KIDtDTj1IZXJi
ZXJ0IEZpc2NoZXI7WC1OVU0tR1VFU1RTPTA6TUFJTFRPOmhlcmJlcnQuZmlzY2hlckBnbWFpbC5j
b20NCkFUVEVOREVFO0NVVFlQRT1JTkRJVklEVUFMO1JPTEU9UkVRLVBBUlRJQ0lQQU5UO1BBUlRT
VEFUPU5FRURTLUFDVElPTjtSU1ZQPQ0KIFRSVUU7Q049bWFpbEBoZ2Zpc2NoZXIubG9jYXdlYi5j
b20uYnI7WC1OVU0tR1VFU1RTPTA6TUFJTFRPOm1haWxAaGdmaXNjaGVyLg0KIGxvY2F3ZWIuY29t
LmJyDQpBVFRFTkRFRTtDVVRZUEU9SU5ESVZJRFVBTDtST0xFPVJFUS1QQVJUSUNJUEFOVDtQQVJU
U1RBVD1URU5UQVRJVkU7UlNWUD1UUlUNCiBFO0NOPWhlcmJlcnQuZmlzY2hlckBsb2Nhd2ViLmNv
bS5icjtYLU5VTS1HVUVTVFM9MDpNQUlMVE86aGVyYmVydC5maXNjaGVyQGwNCiBvY2F3ZWIuY29t
LmJyDQpDTEFTUzpQUklWQVRFDQpDUkVBVEVEOjIwMDYxMjE5VDE1MDczOVoNCkRFU0NSSVBUSU9O
OkNoZWdvdSBvIGdyYW5kZSBkaWEgZGEgbm9zc2EgQ29uZnJhdGVybml6YT8/b1wsIHF1ZSB0ZXI/
IGluP2Npbw0KICA/cyAxOWhzIG5vIDAxMSBldmVudG9zIChSdWEgQWx2b3JhZGFcLCAxMDM1IC0g
SXRhaW0gQmliaSAtIDxhIHJlbD1ub2ZvbGxvdw0KICBocmVmPSJodHRwOi8vd3d3LjAxMWV2ZW50
b3MuY29tLmJyIiBjbGFzcz1saW5raWZpZWQgdGFyZ2V0PV9ibGFuaz53d3cuMDExZQ0KIHZlbnRv
cy5jb20uYnI8L2E
KS4gTGVtYnJvXCwgcXVlID8gYXBlbmFzIHBhcmEgb3MgZnVuY2lvbj9yaW9z
LlxuQWw/bSBkZSB1bQ0KIGEgYmFsYWRhIGNvbXBsZXRhIGNvbSBkaXJlaXRvIGEgc2Vydmk/byBk
ZSBidWZmZXRcLCBvcGVuIGJhclwsIERKXCwgcGlzdGEgZA0KIGUgZGFuP2FcLCBzb20gZGEgbWFp
cyBhbHRhIHF1YWxpZGFkZVwsIHRlcmVtb3MgbyBzb3J0ZWlvIGRlIDQ0IGJyaW5kZXNcLCBlbg0K
IHRyZSAgdGVsZXZpc29yZXNcLCBiaWNpY2xldGFzXCwgYXBhcmVsaG9zIGRlIERWRFwsIGhvbWUg
dGhlYXRlciBlIE1QMyFcbk9zIA0KIGZ1bmNpb24/cmlvcyBkbyBwZXI/b2RvIG5vdHVybm8gcXVl
IGVzdGl2ZXJlbSB0cmFiYWxoYW5kbyBubyBtb21lbnRvIGRvIHNvcg0KIHRlaW9cLCBhbD9tIGRv
cyBwcj9taW9zIGNpdGFkb3MgYWNpbWFcLCBpcj9vIGNvbmNvcnJlciBoPyB1bSBwcj9taW8gZXNw
ZWNpYQ0KIGwuXG5cbkNvbXBhcmU/YW0gYSBjb25mcmF0ZXJuaXphPz9vXCwgcXVlIHM/IHNlcj8g
IHVtIHN1Y2Vzc28gY29tIHN1YSBwcmVzZQ0KIG4/YSEhIVxuVmlzdWFsaXplIHNldSBldmVudG8g
ZW0gaHR0cDovL3d3dy5nb29nbGUuY29tL2NhbGVuZGFyL2V2ZW50P2FjdGlvbg0KID1WSUVXJmVp
ZD1ZamwxWjJFMk4zQXlNMmRuYldKc2JXNWhiVGx0Y3pSdE9XOGdiV0ZwYkVCb1oyWnBjMk5vWlhJ
dWJHOWpZWGRsWQ0KIGk1amIyMHVZbkkmdG9rPU1qVWphR1Z5WW1WeWRDNW1hWE5qYUdWeVFHZHRZ
V2xzTG1OdmJXWm1aVGd4TWpFd09ETmtZek16TlRsaw0KIE5HTm1ORFEwTVRZellqVTNNV0kyWVRj
ek1tWm1PVGsmY3R6PUFtZXJpY2ElMkZBcmdlbnRpbmElMkZCdWVub3NfQWlyZXMmaGw9cA0KIHRf
QlIuDQpMQVNULU1PRElGSUVEOjIwMDYxMjE5VDE3NTYwOFoNCkxPQ0FUSU9OOjAxMSBFdmVudG9z
DQpTRVFVRU5DRTowDQpTVEFUVVM6Q09ORklSTUVEDQpTVU1NQVJZOkZlc3RhIGRhIExvY2FXZWIN
ClRSQU5TUDpPUEFRVUUNCkVORDpWRVZFTlQNCkVORDpWQ0FMRU5EQVINCg==
Reproduce code:
---------------
<?php
$var =
"QkVHSU46VkNBTEVOREFSDQpQUk9ESUQ6LS8vR29vZ2xlIEluYy8vR29vZ2xlIENhbGVuZGFyIDcw
LjkwNTQvL0VODQpWRVJTSU9OOjIuMA0KQ0FMU0NBTEU6R1JFR09SSUFODQpNRVRIT0Q6UkVRVUVT
VA0KQkVHSU46VkVWRU5UDQpEVFNUQVJUOjIwMDYxMjE5VDIyMDAwMFoNCkRURU5EOjIwMDYxMjIw
VDAzMDAwMFoNCkRUU1RBTVA6MjAwNjEyMTlUMTc1NjA4Wg0KT1JHQU5JWkVSO0NOPUhlcmJlcnQg
RmlzY2hlcjpNQUlMVE86aGVyYmVydC5maXNjaGVyQGdtYWlsLmNvbQ0KVUlEOmI5dWdhNjdwMjNn
Z21ibG1uYW05bXM0bTlvQGdvb2dsZS5jb20NCkFUVEVOREVFO0NVVFlQRT1JTkRJVklEVUFMO1JP
TEU9UkVRLVBBUlRJQ0lQQU5UO1BBUlRTVEFUPUFDQ0VQVEVEO1JTVlA9VFJVRQ0KIDtDTj1IZXJi
ZXJ0IEZpc2NoZXI7WC1OVU0tR1VFU1RTPTA6TUFJTFRPOmhlcmJlcnQuZmlzY2hlckBnbWFpbC5j
b20NCkFUVEVOREVFO0NVVFlQRT1JTkRJVklEVUFMO1JPTEU9UkVRLVBBUlRJQ0lQQU5UO1BBUlRT
VEFUPU5FRURTLUFDVElPTjtSU1ZQPQ0KIFRSVUU7Q049bWFpbEBoZ2Zpc2NoZXIubG9jYXdlYi5j
b20uYnI7WC1OVU0tR1VFU1RTPTA6TUFJTFRPOm1haWxAaGdmaXNjaGVyLg0KIGxvY2F3ZWIuY29t
LmJyDQpBVFRFTkRFRTtDVVRZUEU9SU5ESVZJRFVBTDtST0xFPVJFUS1QQVJUSUNJUEFOVDtQQVJU
U1RBVD1URU5UQVRJVkU7UlNWUD1UUlUNCiBFO0NOPWhlcmJlcnQuZmlzY2hlckBsb2Nhd2ViLmNv
bS5icjtYLU5VTS1HVUVTVFM9MDpNQUlMVE86aGVyYmVydC5maXNjaGVyQGwNCiBvY2F3ZWIuY29t
LmJyDQpDTEFTUzpQUklWQVRFDQpDUkVBVEVEOjIwMDYxMjE5VDE1MDczOVoNCkRFU0NSSVBUSU9O
OkNoZWdvdSBvIGdyYW5kZSBkaWEgZGEgbm9zc2EgQ29uZnJhdGVybml6YT8/b1wsIHF1ZSB0ZXI/
IGluP2Npbw0KICA/cyAxOWhzIG5vIDAxMSBldmVudG9zIChSdWEgQWx2b3JhZGFcLCAxMDM1IC0g
SXRhaW0gQmliaSAtIDxhIHJlbD1ub2ZvbGxvdw0KICBocmVmPSJodHRwOi8vd3d3LjAxMWV2ZW50
b3MuY29tLmJyIiBjbGFzcz1saW5raWZpZWQgdGFyZ2V0PV9ibGFuaz53d3cuMDExZQ0KIHZlbnRv
cy5jb20uYnI8L2E
KS4gTGVtYnJvXCwgcXVlID8gYXBlbmFzIHBhcmEgb3MgZnVuY2lvbj9yaW9z
LlxuQWw/bSBkZSB1bQ0KIGEgYmFsYWRhIGNvbXBsZXRhIGNvbSBkaXJlaXRvIGEgc2Vydmk/byBk
ZSBidWZmZXRcLCBvcGVuIGJhclwsIERKXCwgcGlzdGEgZA0KIGUgZGFuP2FcLCBzb20gZGEgbWFp
cyBhbHRhIHF1YWxpZGFkZVwsIHRlcmVtb3MgbyBzb3J0ZWlvIGRlIDQ0IGJyaW5kZXNcLCBlbg0K
IHRyZSAgdGVsZXZpc29yZXNcLCBiaWNpY2xldGFzXCwgYXBhcmVsaG9zIGRlIERWRFwsIGhvbWUg
dGhlYXRlciBlIE1QMyFcbk9zIA0KIGZ1bmNpb24/cmlvcyBkbyBwZXI/b2RvIG5vdHVybm8gcXVl
IGVzdGl2ZXJlbSB0cmFiYWxoYW5kbyBubyBtb21lbnRvIGRvIHNvcg0KIHRlaW9cLCBhbD9tIGRv
cyBwcj9taW9zIGNpdGFkb3MgYWNpbWFcLCBpcj9vIGNvbmNvcnJlciBoPyB1bSBwcj9taW8gZXNw
ZWNpYQ0KIGwuXG5cbkNvbXBhcmU/YW0gYSBjb25mcmF0ZXJuaXphPz9vXCwgcXVlIHM/IHNlcj8g
IHVtIHN1Y2Vzc28gY29tIHN1YSBwcmVzZQ0KIG4/YSEhIVxuVmlzdWFsaXplIHNldSBldmVudG8g
ZW0gaHR0cDovL3d3dy5nb29nbGUuY29tL2NhbGVuZGFyL2V2ZW50P2FjdGlvbg0KID1WSUVXJmVp
ZD1ZamwxWjJFMk4zQXlNMmRuYldKc2JXNWhiVGx0Y3pSdE9XOGdiV0ZwYkVCb1oyWnBjMk5vWlhJ
dWJHOWpZWGRsWQ0KIGk1amIyMHVZbkkmdG9rPU1qVWphR1Z5WW1WeWRDNW1hWE5qYUdWeVFHZHRZ
V2xzTG1OdmJXWm1aVGd4TWpFd09ETmtZek16TlRsaw0KIE5HTm1ORFEwTVRZellqVTNNV0kyWVRj
ek1tWm1PVGsmY3R6PUFtZXJpY2ElMkZBcmdlbnRpbmElMkZCdWVub3NfQWlyZXMmaGw9cA0KIHRf
QlIuDQpMQVNULU1PRElGSUVEOjIwMDYxMjE5VDE3NTYwOFoNCkxPQ0FUSU9OOjAxMSBFdmVudG9z
DQpTRVFVRU5DRTowDQpTVEFUVVM6Q09ORklSTUVEDQpTVU1NQVJZOkZlc3RhIGRhIExvY2FXZWIN
ClRSQU5TUDpPUEFRVUUNCkVORDpWRVZFTlQNCkVORDpWQ0FMRU5EQVINCg==";
$res = base64_decode($var);
echo ($res === false) ? "NOPE\n" : "===\n$res\n===\n";
$res = mb_convert_encoding($var, 'ISO-8859-1', 'BASE64');
echo ($res === false) ? "NOPE\n" : "===\n$res\n===\n";
$res = iconv('BASE64', 'ISO-8859-1', $res);
echo ($res === false) ? "NOPE\n" : "===\n$res\n===\n";
?>
Expected result:
----------------
BEGIN:VCALENDAR
PRODID:-//Google Inc//Google Calendar 70.9054//EN
VERSION:2.0
CALSCALE:GREGORIAN
METHOD:REQUEST
BEGIN:VEVENT
DTSTART:20061219T220000Z
DTEND:20061220T030000Z
DTSTAMP:20061219T175608Z
ORGANIZER;CN=Herbert Fischer:MAILTO:[EMAIL PROTECTED]
UID:[EMAIL PROTECTED]
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=TRUE
;CN=Herbert Fischer;X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=
TRUE;[EMAIL PROTECTED];X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
locaweb.com.br
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=TENTATIVE;RSVP=TRU
E;[EMAIL PROTECTED];X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
ocaweb.com.br
CLASS:PRIVATE
CREATED:20061219T150739Z
DESCRIPTION:Chegou o grande dia da nossa Confraterniza??o\, que ter?
in?cio
?s 19hs no 011 eventos (Rua Alvorada\, 1035 - Itaim Bibi - <a
rel=nofollow
href="http://www.011eventos.com.br"; class=linkified
target=_blank>www.011e
ventos.com.br</a
K[X]YHE\[\E\HÜE[U[UÜ[Ü.\nAl?m de um
a balada completa com direito a servi?o de buffet\, open bar\, DJ\, pista
d
e dan?a\, som da mais alta qualidade\, teremos o sorteio de 44 brindes\,
en
tre televisores\, bicicletas\, aparelhos de DVD\, home theater e
MP3!\nOs
funcion?rios do per?odo noturno que estiverem trabalhando no momento do
sor
teio\, al?m dos pr?mios citados acima\, ir?o concorrer h? um pr?mio
especia
l.\n\nCompare?am a confraterniza??o\, que s? ser? um sucesso com sua
prese
n?a!!!\nVisualize seu evento em
http://www.google.com/calendar/event?action
=VIEW&eid=Yjl1Z2E2N3AyM2dnbWJsbW5hbTltczRtOW8gbWFpbEBoZ2Zpc2NoZXIubG9jYXdlY
i5jb20uYnI&tok=MjUjaGVyYmVydC5maXNjaGVyQGdtYWlsLmNvbWZmZTgxMjEwODNkYzMzNTlk
NGNmNDQ0MTYzYjU3MWI2YTczMmZmOTk&ctz=America%2FArgentina%2FBuenos_Aires&hl=p
t_BR.
LAST-MODIFIED:20061219T175608Z
LOCATION:011 Eventos
SEQUENCE:0
STATUS:CONFIRMED
SUMMARY:Festa da LocaWeb
TRANSP:OPAQUE
END:VEVENT
END:VCALENDAR
Actual result:
--------------
BEGIN:VCALENDAR
PRODID:-//Google Inc//Google Calendar 70.9054//EN
VERSION:2.0
CALSCALE:GREGORIAN
METHOD:REQUEST
BEGIN:VEVENT
DTSTART:20061219T220000Z
DTEND:20061220T030000Z
DTSTAMP:20061219T175608Z
ORGANIZER;CN=Herbert Fischer:MAILTO:[EMAIL PROTECTED]
UID:[EMAIL PROTECTED]
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=TRUE
;CN=Herbert Fischer;X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=
TRUE;[EMAIL PROTECTED];X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
locaweb.com.br
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=TENTATIVE;RSVP=TRU
E;[EMAIL PROTECTED];X-NUM-GUESTS=0:MAILTO:[EMAIL PROTECTED]
ocaweb.com.br
CLASS:PRIVATE
CREATED:20061219T150739Z
DESCRIPTION:Chegou o grande dia da nossa Confraterniza??o\, que ter?
in?cio
?s 19hs no 011 eventos (Rua Alvorada\, 1035 - Itaim Bibi - <a
rel=nofollow
href="http://www.011eventos.com.br"; class=linkified
target=_blank>www.011e
ventos.com.br</a
K��[X×���]YH�È�\�[\È��\H�ÜÈ�[Ú[ÛÜ[ÜË�[�ÛH��H�[CB�H�[�Y�H�ÛÛ\��]�H�ÛÛH��\Z]�È�H�Ù\OÛÈ��H�Y]����Ü�[�\��������\Ý�H��B�H��[ØW���ÛÛH��H�XZ\È�[��H�]X[�Y�Y�W����\[[ÜÈ�È�ÛÜ�Z[È��H
��[�\×���[B��H���[�]\ÛÜ\×���XÚXÛ�]�\×���\�\[��ÜÈ��H�������ÛYH���X]�\�H�T
�
ÈW�ÜÈ�B�[Ú[ÛÜ[ÜÈ��È��\ÛÙ�È�Ý�\È�]YH�\Ý�]\[H��X[��[�È�È�[ÛY[�È��È�ÛÜB��Z[×���[�ÛH��ÜÈ��ÛZ[ÜÈ�Ú]�Y�ÜÈ�XÚ[XW���\ÛÈ�ÛÛÛÜ\��È�[H��ÛZ[È�\Ü�XÚXCB����ÛÛ\�\OØ[H�H�ÛÛ]�\^OÏÛ×���]YH�ÏÈ�Ù\È��[H�ÝXÙ\ÜÛÈ�ÛÛH�ÝXH��\ÙCB�ØHHHW�\ÝX[�^H�Ù]H�][�È�[H�����ËÝÝÝËÛÛÙÛ�KÛÛKØØ[�[�\Ù][�ØXÝ�[ÛB�UQUÉZY�VZ
�
VLÐ^SL�ÒØÍZ����Þ�ÕÎ�ØÑ�PÖ�ÌÖ�]XÎZV���CB�MZ�V[I�ÚÏSZZQÕV[UY�Í[XV�QÕTQÙ��UÛ�Ó�SÖV�Þ�Z]ÓÑ�Ö^^��ÃB�ÓS�L�U�^ZLÓUÒLU�Þ[VSÕ�ÉÝ�P[Y\XØIL\Ù[�[ILY[Ü×ÐZ\\É��\�B��ÐB�TÕ�SSÑ�QQQ�
�
LNU�MÍM��B�ÐÐU�SÓ�
LH�][�ÜÃBÑTUQSÑN�BÕ�U�TÎÓÓTQQ�BÕSSPTN\Ý�H��H��ØØUÙXB�SÔ�Ô�TUQCBS�US�BS�ÐS�S�TB
--
Edit bug report at http://bugs.php.net/?id=39908&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=39908&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=39908&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=39908&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=39908&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=39908&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=39908&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=39908&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=39908&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=39908&r=support
Expected behavior: http://bugs.php.net/fix.php?id=39908&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=39908&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=39908&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=39908&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=39908&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=39908&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=39908&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=39908&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=39908&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=39908&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=39908&r=mysqlcfg
