cataphract                               Thu, 30 Jun 2011 09:26:35 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=312661

Log:
- Fixed bug #55082 (var_export() doesn't escape properties properly).

Bug: https://bugs.php.net/55082 (Open) var_export() doesn't escape properties 
properly
      
Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    A   
php/php-src/branches/PHP_5_3/ext/standard/tests/general_functions/var_export_basic9.phpt
    U   php/php-src/branches/PHP_5_3/ext/standard/var.c
    A   
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/var_export_basic9.phpt
    U   php/php-src/branches/PHP_5_4/ext/standard/var.c
    A   
php/php-src/trunk/ext/standard/tests/general_functions/var_export_basic9.phpt
    U   php/php-src/trunk/ext/standard/var.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2011-06-30 08:15:06 UTC (rev 312660)
+++ php/php-src/branches/PHP_5_3/NEWS   2011-06-30 09:26:35 UTC (rev 312661)
@@ -3,6 +3,8 @@
 ?? ??? 2011, PHP 5.3.7
 - Core:
   . Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski.
+  . Fixed bug #55082 (var_export() doesn't escape properties properly).
+    (Gustavo)

 - DateTime extension:
   . Fixed bug where the DateTime object got changed while using date_diff().

Added: 
php/php-src/branches/PHP_5_3/ext/standard/tests/general_functions/var_export_basic9.phpt
===================================================================
--- 
php/php-src/branches/PHP_5_3/ext/standard/tests/general_functions/var_export_basic9.phpt
                            (rev 0)
+++ 
php/php-src/branches/PHP_5_3/ext/standard/tests/general_functions/var_export_basic9.phpt
    2011-06-30 09:26:35 UTC (rev 312661)
@@ -0,0 +1,11 @@
+--TEST--
+Bug #55082: var_export() doesn't escape properties properly
+--FILE--
+<?php
+       $x = new stdClass();
+       $x->{'\'\\'} = 7;
+       echo var_export($x);
+--EXPECT--
+stdClass::__set_state(array(
+   '\'\\' => 7,
+))


Property changes on: 
php/php-src/branches/PHP_5_3/ext/standard/tests/general_functions/var_export_basic9.phpt
___________________________________________________________________
Added: svn:keywords
   + Id Rev Revision
Added: svn:eol-style
   + native

Modified: php/php-src/branches/PHP_5_3/ext/standard/var.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/var.c     2011-06-30 08:15:06 UTC 
(rev 312660)
+++ php/php-src/branches/PHP_5_3/ext/standard/var.c     2011-06-30 09:26:35 UTC 
(rev 312661)
@@ -387,18 +387,26 @@
 {
        int level;
        smart_str *buf;
-       char *prop_name, *class_name;

        level = va_arg(args, int);
        buf = va_arg(args, smart_str *);

        buffer_append_spaces(buf, level + 2);
        if (hash_key->nKeyLength != 0) {
-               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1, &class_name, &prop_name);
+               char *class_name, /* ignored, but must be passed to unmangle */
+                        *pname,
+                        *pname_esc;
+               int  pname_esc_len;
+
+               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1,
+                               &class_name, &pname);
+               pname_esc = php_addcslashes(pname, strlen(pname), 
&pname_esc_len, 0,
+                       "'\\", 2 TSRMLS_CC);

                smart_str_appendc(buf, '\'');
-               smart_str_appends(buf, prop_name);
+               smart_str_appendl(buf, pname_esc, pname_esc_len);
                smart_str_appendc(buf, '\'');
+               efree(pname_esc);
        } else {
                smart_str_append_long(buf, hash_key->h);
        }

Added: 
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/var_export_basic9.phpt
===================================================================
--- 
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/var_export_basic9.phpt
                            (rev 0)
+++ 
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/var_export_basic9.phpt
    2011-06-30 09:26:35 UTC (rev 312661)
@@ -0,0 +1,11 @@
+--TEST--
+Bug #55082: var_export() doesn't escape properties properly
+--FILE--
+<?php
+       $x = new stdClass();
+       $x->{'\'\\'} = 7;
+       echo var_export($x);
+--EXPECT--
+stdClass::__set_state(array(
+   '\'\\' => 7,
+))


Property changes on: 
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/var_export_basic9.phpt
___________________________________________________________________
Added: svn:keywords
   + Id Rev Revision
Added: svn:eol-style
   + native

Modified: php/php-src/branches/PHP_5_4/ext/standard/var.c
===================================================================
--- php/php-src/branches/PHP_5_4/ext/standard/var.c     2011-06-30 08:15:06 UTC 
(rev 312660)
+++ php/php-src/branches/PHP_5_4/ext/standard/var.c     2011-06-30 09:26:35 UTC 
(rev 312661)
@@ -384,18 +384,26 @@
 {
        int level;
        smart_str *buf;
-       char *prop_name, *class_name;

        level = va_arg(args, int);
        buf = va_arg(args, smart_str *);

        buffer_append_spaces(buf, level + 2);
        if (hash_key->nKeyLength != 0) {
-               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1, &class_name, &prop_name);
+               char *class_name, /* ignored, but must be passed to unmangle */
+                        *pname,
+                        *pname_esc;
+               int  pname_esc_len;
+
+               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1,
+                               &class_name, &pname);
+               pname_esc = php_addcslashes(pname, strlen(pname), 
&pname_esc_len, 0,
+                       "'\\", 2 TSRMLS_CC);

                smart_str_appendc(buf, '\'');
-               smart_str_appends(buf, prop_name);
+               smart_str_appendl(buf, pname_esc, pname_esc_len);
                smart_str_appendc(buf, '\'');
+               efree(pname_esc);
        } else {
                smart_str_append_long(buf, (long) hash_key->h);
        }

Added: 
php/php-src/trunk/ext/standard/tests/general_functions/var_export_basic9.phpt
===================================================================
--- 
php/php-src/trunk/ext/standard/tests/general_functions/var_export_basic9.phpt   
                            (rev 0)
+++ 
php/php-src/trunk/ext/standard/tests/general_functions/var_export_basic9.phpt   
    2011-06-30 09:26:35 UTC (rev 312661)
@@ -0,0 +1,11 @@
+--TEST--
+Bug #55082: var_export() doesn't escape properties properly
+--FILE--
+<?php
+       $x = new stdClass();
+       $x->{'\'\\'} = 7;
+       echo var_export($x);
+--EXPECT--
+stdClass::__set_state(array(
+   '\'\\' => 7,
+))


Property changes on: 
php/php-src/trunk/ext/standard/tests/general_functions/var_export_basic9.phpt
___________________________________________________________________
Added: svn:keywords
   + Id Rev Revision
Added: svn:eol-style
   + native

Modified: php/php-src/trunk/ext/standard/var.c
===================================================================
--- php/php-src/trunk/ext/standard/var.c        2011-06-30 08:15:06 UTC (rev 
312660)
+++ php/php-src/trunk/ext/standard/var.c        2011-06-30 09:26:35 UTC (rev 
312661)
@@ -384,18 +384,26 @@
 {
        int level;
        smart_str *buf;
-       char *prop_name, *class_name;

        level = va_arg(args, int);
        buf = va_arg(args, smart_str *);

        buffer_append_spaces(buf, level + 2);
        if (hash_key->nKeyLength != 0) {
-               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1, &class_name, &prop_name);
+               char *class_name, /* ignored, but must be passed to unmangle */
+                        *pname,
+                        *pname_esc;
+               int  pname_esc_len;
+
+               zend_unmangle_property_name(hash_key->arKey, 
hash_key->nKeyLength - 1,
+                               &class_name, &pname);
+               pname_esc = php_addcslashes(pname, strlen(pname), 
&pname_esc_len, 0,
+                       "'\\", 2 TSRMLS_CC);

                smart_str_appendc(buf, '\'');
-               smart_str_appends(buf, prop_name);
+               smart_str_appendl(buf, pname_esc, pname_esc_len);
                smart_str_appendc(buf, '\'');
+               efree(pname_esc);
        } else {
                smart_str_append_long(buf, (long) hash_key->h);
        }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to