Re: [PHP-DEV] Fixing string offsets of strings.

Hi! BTW these are failing in head at present - I guess somebody is working on them... globals in global scope [Zend/tests/globals_001.phpt] globals in local scope [Zend/tests/globals_002.phpt] globals in local scope - 2 [Zend/tests/globals_003.phpt] globals in local scope - 3 [Zend/tests/globals

Re: [PHP-DEV] Fixing string offsets of strings.

Done https://bugs.php.net/patch-display.php?bug_id=60362&patch=fix_to_prevent_warning_on_isset_empty_for_55_and_a_half.patch&revision=latest BTW these are f

Re: [PHP-DEV] Fixing string offsets of strings.

The fix for the warning is to use 0, rather than -1 as the last argument for is_numeric_string(), only in the zend_vm - isset code - it's a usefull warning when not used with isset. I'm just testing a patch and the related tests and will upload it to the bug soon. Regards Alan On Monday, De

Re: [PHP-DEV] Fixing string offsets of strings.

Hi! This should implement the isset() return false, and accessing producing a warning (but 'less' BC by returning the first character) https://bugs.php.net/patch-display.php?bug_id=60362&patch=isset_changed_warning_only_on_access.patch&revision=latest

Re: [PHP-DEV] Fixing string offsets of strings.

This should implement the isset() return false, and accessing producing a warning (but 'less' BC by returning the first character) https://bugs.php.net/patch-display.php?bug_id=60362&patch=isset_changed_warning_only_on_access.patch&revision=latest

Re: Re: [PHP-DEV] Fixing string offsets of strings.

I think I got what you where after - not to clear on the $s['offset'] should result in empty or 'o' This is the latest relivant patch https://bugs.php.net/patch-display.php?bug_id=60362&patch=fix_disabling_bad_string_offsets&revision=latest In that patch $s['offset'] would return an empty str

Re: [PHP-DEV] Fixing string offsets of strings.

Hi! I think only trigger notice when a convertion of string to number index is a good way (trivial bc break). This however doesn't solve the problem with isset() (which still produces true then). BTW, notices there may lead to interruption problems (imagine some error handler that may

Re: [PHP-DEV] Fixing string offsets of strings.

On Sun, Dec 18, 2011 at 7:54 AM, Stas Malyshev wrote: > Hi! > > I think the idea behind this patch is good. I'll do final checks and apply > it tomorrow if no objections heard until then. > > Some notes: > > >> $s = "string";  isset($s['offset']) returns false >> This is pretty critical, as it's t

Re: [PHP-DEV] Fixing string offsets of strings.

Hi! I think the idea behind this patch is good. I'll do final checks and apply it tomorrow if no objections heard until then. Some notes: $s = "string"; isset($s['offset']) returns false This is pretty critical, as it's the only way to detect this situation, and ensure that array tests do n

Re: Re: Re: [PHP-DEV] Fixing string offsets of strings.

I need to check b) will work with dereferencing and isset - but yes, I think it will probably be the best way to go for now. the NOTICE is probably just a missing 'E_' so it should be E_NOTICE - I had a typo there at one point. Regards Alan --- On 07/Dec/2011, Daniel Convissor wrote: > Hi Al

Re: Re: [PHP-DEV] Fixing string offsets of strings.

Hi Alan: > b) fix isset, and return first character > ISSET: return false (no warning) > READ: warning + return first character (similar to current behavior > except dereferenced strings) > > c) fix isset, and return empty strings > ISSET: return false (no warning) > READ: warning + return empty

Re: Re: [PHP-DEV] Fixing string offsets of strings.

> Thanks so much for the patch. Looking at the source I noticed some > small things (care to build a bike shed with me? :). > > Many of the test EXPECT's have %d changed to hard coded line numbers and > others have %s changed to hard coded file names. In some of them, > that's all that changed

Re: [PHP-DEV] Fixing string offsets of strings.

Hi Alan: On Mon, Dec 05, 2011 at 09:59:50AM -0500, Daniel Convissor wrote: > > I tried to apply the patch to 54 and trunk via "patch < bug.diff" > (which usually works fine) and all hunks failled. Not sure what I'm > doing wrong. Ah, I needed to do "patch -p0 < bug.diff" But now that I applied

Re: [PHP-DEV] Fixing string offsets of strings.

Hi Alan: > https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696 Thanks so much for the patch. Looking at the source I noticed some small things (care to build a bike shed with me? :). Many of the test EXPECT's have %d changed to hard coded

Re: [PHP-DEV] Fixing string offsets of strings.

On Monday, December 05, 2011 11:21 AM, Laruence wrote: Hi: I think we can only trigger notice, then act the same behavior as before. include isset. this would introduce the fewest bc breaks, I think the isset behavior should be fixed (as the BC will be broken anyway with deferenced stri

Re: [PHP-DEV] Fixing string offsets of strings.

Hi: I think we can only trigger notice, then act the same behavior as before. include isset. this would introduce the fewest bc breaks, what do you think? thanks On Mon, Dec 5, 2011 at 7:25 AM, Alan Knowles wrote: > A few answers... > > $s = "string";  isset($s['offset']) returns fals

Re: [PHP-DEV] Fixing string offsets of strings.

2011/12/4 Johannes Schlüter > On Sun, 2011-12-04 at 00:08 +0800, Alan Knowles wrote: > > This patch is a start. > > > https://bugs.php.net/patch-display.php?bug_id=60362&patch=first_effort_to_fix_this&revision=latest > > > > It's been quite a while since I hacked on the engine, so the patch only

Re: [PHP-DEV] Fixing string offsets of strings.

A few answers... $s = "string"; isset($s['offset']) returns false This is pretty critical, as it's the only way to detect this situation, and ensure that array tests do not return positive results for strings. It also catches an obvious, but previously hidden and probably serious bugs in the

Re: [PHP-DEV] Fixing string offsets of strings.

Hi: I have submit a new patch based on the origin patch, which only trigger notice when string offset cast occurred. thanks On Sun, Dec 4, 2011 at 10:25 PM, Laruence wrote: > +1. > > thanks. > > On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote: >> On Sat, Dec 3, 2011 at 5:08 PM, Alan K

Re: [PHP-DEV] Fixing string offsets of strings.

On Sun, 2011-12-04 at 00:08 +0800, Alan Knowles wrote: > This patch is a start. > https://bugs.php.net/patch-display.php?bug_id=60362&patch=first_effort_to_fix_this&revision=latest > > It's been quite a while since I hacked on the engine, so the patch only > works reasonably well.. (see the FIXME

Re: [PHP-DEV] Fixing string offsets of strings.

On Mon, Dec 5, 2011 at 12:39 AM, Etienne Kneuss wrote: > Hi, > > On Sun, Dec 4, 2011 at 15:25, Laruence wrote: >> >> +1. >> >> thanks. >> >> On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote: >> > On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote: >> > >> >> I've had a look at making string

Re: [PHP-DEV] Fixing string offsets of strings.

Hi, On Sun, Dec 4, 2011 at 15:25, Laruence wrote: > +1. > > thanks. > > On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote: > > On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote: > > > >> I've had a look at making string offsets of strings a bit saner. > >> > >> At present with the fix for

Re: [PHP-DEV] Fixing string offsets of strings.

+1. thanks. On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote: > On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote: > >> I've had a look at making string offsets of strings a bit saner. >> >> At present with the fix for array dereferencing :  ?search=hello and a >> test like isset($_GET['se

Re: [PHP-DEV] Fixing string offsets of strings.

On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote: > I've had a look at making string offsets of strings a bit saner. > > At present with the fix for array dereferencing : ?search=hello and a > test like isset($_GET['search']['name']) results in true, which is has > potential security problems

Re: [PHP-DEV] Fixing string offsets of strings.

Hi, 2011/12/4 Alan Knowles : > This is ready for review now. > > https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696 > > This resolves the worst behavior changes introduced by the dereferencing of > strings fix. > https://bugs.php.net/bug.php

Re: [PHP-DEV] Fixing string offsets of strings.

hi! same here. Thanks for this patch! On Sun, Dec 4, 2011 at 2:28 PM, Ilia Alshanetsky wrote: > Seems like a good change +1. Cheers, -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http:/

Re: [PHP-DEV] Fixing string offsets of strings.

Seems like a good change +1. On Sun, Dec 4, 2011 at 7:55 AM, Alan Knowles wrote: > This is ready for review now. > > https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696 > > This resolves the worst behavior changes introduced by the dereferen

Re: [PHP-DEV] Fixing string offsets of strings.

This is ready for review now. https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696 This resolves the worst behavior changes introduced by the dereferencing of strings fix. https://bugs.php.net/bug.php?id=60362 All tests (in Zend/tests) pa

[PHP-DEV] Fixing string offsets of strings.

I've had a look at making string offsets of strings a bit saner. At present with the fix for array dereferencing : ?search=hello and a test like isset($_GET['search']['name']) results in true, which is has potential security problems and is very confusing for any programmer finding and worki