variable name and cookie name match breaks script execution
| Bug #38211 | variable name and cookie name match breaks script execution | ||||
|---|---|---|---|---|---|
| Submitted: | 2006-07-25 18:00 UTC | Modified: | 2006-07-26 09:28 UTC | ||
| From: | tokul at users dot sourceforge dot net | Assigned: | dmitry (profile) | ||
| Status: | Closed | Package: | Reproducible crash | ||
| PHP Version: | 5CVS-2006-07-25 (snap) | OS: | Linux Debian Sarge | ||
| Private report: | No | CVE-ID: | None | ||
[2006-07-25 18:00 UTC] tokul at users dot sourceforge dot net
Description: ------------ If PHP register_globals are turned on and code tries to unset globals, unset command can break script execution. It is possible that issue is not in unset() command. Maybe it is caused by some foreach() function changes or some session/cookie handling changes. Issue was reported on php-qa mailing list by Phil Driscoll (http://news.php.net/php.qa/26841). PHP 5.2.0rc2-dev (200607251030) snapshot. Compiled as Apache2 DSO module. register_globals are turned on in php.ini. I can provide configure command and php.ini settings, if you need them. error_reporting is set to E_ALL Can't reproduce it in 5.1.4 or older versions. Reproduce code: --------------- <?php if (!isset($_COOKIE['test'])) { setcookie('test','somevalue'); echo 'reload script'; } else { foreach ($_REQUEST as $test => $value) { // code crashes on unset() call unset($GLOBALS[$test]); } echo time(); } ?> Expected result: ---------------- script should display 'reload script' on first load and timestamp on second load. Actual result: -------------- script displays 'reload script' on first load (cookie is not set) and crashes without any visible error when it is reloaded.
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2006-07-25 18:02 UTC] tokul at users dot sourceforge dot net
[2006-07-26 05:20 UTC] tokul at users dot sourceforge dot net