Home Original page

wddx_deserialize corrupts integer field value when left empty

Bug #52468 wddx_deserialize corrupts integer field value when left empty
Submitted: 2010-07-28 11:16 UTC Modified: 2010-08-01 19:34 UTC
From: reneouendag at hotmail dot com Assigned: felipe (profile)
Status: Closed Package: WDDX related
PHP Version: Irrelevant OS: CentOS release 5.5 (64 Bit)
Private report: No CVE-ID: None

 [2010-07-28 11:16 UTC] reneouendag at hotmail dot com

Description:
------------
Using either PHP 5.2.6 or 5.3.2, wddx_deserialize() corrupts an empty integer field.

Test script:
---------------
<?php

$message = "<wddxPacket version='1.0'><header><comment>my_command</comment></header><data><struct><var name='handle'><number></number></var></struct></data></wddxPacket>";

print_r($message);
echo "\n";
print_r(wddx_deserialize($message));

?>

Expected result:
----------------
<wddxPacket version='1.0'><header><comment>my_command</comment></header><data><struct><var name='handle'><number></number></var></struct></data></wddxPacket>
Array
(
    [handle] => 
)


Actual result:
--------------
<wddxPacket version='1.0'><header><comment>my_command</comment></header><data><struct><var name='handle'><number></number></var></struct></data></wddxPacket>
Array
(
    [handle] => 414880152
)

The number is different every time the script is run.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

 [2010-08-01 19:34 UTC] felipe@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: felipe

 [2010-08-01 19:34 UTC] felipe@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.