ID:               32371
 Updated by:       [EMAIL PROTECTED]
 Reported By:      phpint-bkrrym at skrt dot org
-Status:           Assigned
+Status:           Closed
 Bug Type:         Filesystem function related
 Operating System: *
 PHP Version:      5CVS, 4CVS (2005-03-19)
 Assigned To:      pollita
 New Comment:

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

While that fixes the observed problem, it actually still leaves a bug
when filters are applied.  The root of the issue is how php://input
treats stream->position.

I've applied a fix to branches 4.4, 5.0, 5.1, and HEAD.

If you'd like to try applying just this patch to test it out on your
own system, it can be found at:

http://cvs.php.net/php-src/ext/standard/php_fopen_wrapper.c

HEAD: r-1.51
5.1: r-1.45.2.2
5.0: r-1.44.2.1
4.4: r-1.29.2.4.8.1


Previous Comments:
------------------------------------------------------------------------

[2005-08-11 16:15:29] [EMAIL PROTECTED]

Sara, could you take a look at this?
It seems ok, but I don't have time to verify it.

------------------------------------------------------------------------

[2005-03-19 02:25:49] phpint-bkrrym at skrt dot org

Description:
------------
Full description and PATCH for 5-CVS and 4.3.10 are here:

http://thepathetic.com/jozef/php_input_stream_patch.html
http://thepathetic.com/jozef/php-5.0.3-input_stream.patch
http://thepathetic.com/jozef/php-4.3.10-input_stream.patch

Both 5 and 4.3.10 have the problem (same code).

Because of a subtle buffer index bug, in some cases, the php://input
stream returns incorrect data. 

Symptoms:

If the php://input is parsed in 4000-byte chunks, the first corruption
occurs at byte number 8193 (1-based). A chunk of the previous 192 bytes
repeats there.  The same corruption happens periodically in the data if
it is long enough.

The problem was discovered when directly parsing a POSTed XML with a
long text-node.

Interestingly enough, reading the contents of php://input with
file_get_contents and parsing the string works around the symptoms.

Reproduce code:
---------------
$s = simplexml_load_file('php://input');

sees the text node corrupted, whereas

$d = file_get_contents('php://input');
$s = simplexml_load_string($d);

does not.

Expected result:
----------------
should be the same in both cases

Actual result:
--------------
difference at byte number 8193 (1-based) from the beginning of the xml.


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=32371&edit=1
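
A check for the symptom described in the report, as an added example that is not part of the bug report or of php-src: it reads the request body in 4000-byte chunks, reads it again in one piece, and reports the first differing byte. The function names are hypothetical. It assumes that userland fread() exercises the same php://input read path as the XML parser in the report, and that the request body can be opened twice in one request.

```php
<?php
// Added example; not code from the bug report or from php-src.
// Assumption: fread() in 4000-byte chunks hits the same php://input
// read path that the report describes for simplexml_load_file().
// Written without type hints or exceptions so it parses on old builds.

// Read $uri in fixed-size chunks; returns the bytes, or false on failure.
function read_in_chunks($uri, $chunkSize)
{
    $fp = fopen($uri, 'rb');
    if ($fp === false) {
        return false;
    }
    $data = '';
    while (!feof($fp)) {
        $chunk = fread($fp, $chunkSize);
        if ($chunk === false) {
            break;
        }
        $data .= $chunk;
    }
    fclose($fp);
    return $data;
}

// 1-based offset of the first differing byte, or 0 if the strings match.
function first_difference($a, $b)
{
    $n = min(strlen($a), strlen($b));
    for ($i = 0; $i < $n; $i++) {
        if ($a[$i] !== $b[$i]) {
            return $i + 1;
        }
    }
    return strlen($a) === strlen($b) ? 0 : $n + 1;
}

$chunked = read_in_chunks('php://input', 4000);   // chunk size from the report
$whole   = file_get_contents('php://input');      // the reported workaround

header('Content-Type: text/plain');
if ($chunked === false || $whole === false) {
    echo "ERROR: could not read php://input\n";
} else {
    $offset = first_difference($chunked, $whole);
    echo $offset === 0
        ? "OK: chunked and whole reads match (" . strlen($whole) . " bytes)\n"
        : "MISMATCH: first difference at byte $offset (1-based)\n";
}
```

POST a body longer than 8192 bytes to this script; the report places the first corruption at byte 8193 on affected builds.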
