php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #51094 parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon
Submitted: 2010-02-19 22:10 UTC Modified: 2012-06-08 01:21 UTC
Votes:4
Avg. Score:4.5 ± 0.9
Reproduced:4 of 4 (100.0%)
Same Version:2 (50.0%)
Same OS:1 (25.0%)
From: viaujoc at videotron dot ca Assigned: pierrick (profile)
Status: Closed Package: Filesystem function related
PHP Version: * OS:
Private report: No CVE-ID: None
View Developer Edit
 [2010-02-19 22:10 UTC] viaujoc at videotron dot ca 
Description:
------------
When using parse_ini_file() function with $scanner_mode=INI_SCANNER_RAW, any semi-colon (;) in the value is seen as the end of the value, even if it is enclosed in quotes.

The behavior of parse_ini_file() in PHP 5.3 with either $scanner_mode at RAW or NORMAL cannot reproduce the  behavior of PHP 5.2.

Reproduce code:
---------------
test.ini:
[TheSection]
MyKey="my;value\$"

example.php:
<?php
var_dump(parse_ini_file("test.ini",true,INI_SCANNER_RAW));
?>

Expected result:
----------------
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}

Actual result:
--------------
In PHP 5.2 (without the $scanner_mode parameter in parse_ini_file()):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(10) "my;value\$"
  }
}
(the value is returned exactly as it appears in test.ini)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_RAW):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(3) ""my"
  }
}
(notice that everything after the semi-colon has been truncated and the quote as the first character of the string)

In PHP 5.3 (with $scanner_mode=INI_SCANNER_NORMAL):
array(1) {
  ["TheSection"]=>
  array(1) {
    ["MyKey"]=>
    string(9) "my;value$"
  }
}
(notice the missing backslash (\) between the "e" and "$")

Patches

bug51094.diff (last revision 2012-06-07 13:32 UTC by [email protected])

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-02-20 10:54 UTC] [email protected] 
1. There is no such thing as raw scanning in PHP 5.2
2. This is exactly how it's supposed to work. The ; is still comment even in the raw mode. All other chars are considered just chars.
3. In PHP 5.3 the backslash inside double quotes is considered escape char. No bug here either. Use single quotes instead.
 [2010-02-20 20:00 UTC] viaujoc at videotron dot ca 
This change in the behavior of parse_ini_file() is not documented in either the documentation page for the function or the "Backward Incompatible Changes" from "Migrating from PHP 5.2.x to PHP 5.3.x".

I also hope that the updated documentation promised in bug #47703 will be published soon.
 [2011-09-25 10:27 UTC] [email protected]
-Status: Bogus +Status: Open -Operating System: Win2003 +Operating System: -PHP Version: 5.3.1 +PHP Version: *
 [2011-09-25 10:27 UTC] [email protected] 
It is clearly a parsing error as the ; is part of a quoted string.

It also works with php.ini so it may be possible to get that work with other ini 
as well (while the code is different...)
 [2012-06-06 17:00 UTC] [email protected] 
The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339002022
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339002022
 [2012-06-06 17:06 UTC] [email protected]
-Assigned To: +Assigned To: pierrick
 [2012-06-06 17:06 UTC] [email protected] 
I'll soon have one last look to make sure this patch doesn't introduce any 
problem before committing it. But if someone else want to review it, any comments 
will be welcome.
 [2012-06-07 13:32 UTC] [email protected] 
The following patch has been added/updated:

Patch Name: bug51094.diff
Revision:   1339075946
URL:        https://bugs.php.net/patch-display.php?bug=51094&patch=bug51094.diff&revision=1339075946
 [2012-06-07 15:59 UTC] [email protected] 
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2012-06-07 16:24 UTC] [email protected] 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-06-07 16:24 UTC] [email protected]
-Status: Assigned +Status: Closed
 [2012-06-07 22:05 UTC] [email protected] 
This fails for me with 5.4.5-dev on Windows 7.

The diff when I run it:
001+ string(4) ""ini"
002+ string(4) ""ini"
001- string(7) "ini;raw"
002- string(8) ""ini;raw"
 [2012-06-08 01:21 UTC] [email protected] 
This is strange, it's working well on my side. I'm on Linux but this kind of things should not change. Could you please verify that you have the last version of the 
Zend/zend_ini_scanner_defs.h and Zend/zend_ini_scanner.c files (they were committed just after the .l).

You could regenerate those files using this command : 
re2c --case-inverted -cbdFt Zend/zend_ini_scanner_defs.h -oZend/zend_ini_scanner.c Zend/zend_ini_scanner.l

to see if you have any differences

Thanks
 [2012-06-08 18:37 UTC] [email protected] 
I think thats it.

The build where it was failing for me was r8779a9a, but it now passes on a build of the newer rd24d5b6.
 [2013-08-29 06:57 UTC] kristo at waher dot net 
Related To: Bug #65568
 [2014-10-07 23:24 UTC] [email protected] 
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2014-10-07 23:35 UTC] [email protected] 
Automatic comment on behalf of pierrick
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=fed5923dbc849659321a4f9aa96634ddd1655229
Log: Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
 [2015-07-21 12:11 UTC] as at crcl dot com 
This bug is reproducible again. Tested on PHP 5.6.11
 [2018-08-08 11:26 UTC] arekm at maven dot pl 
If that's still true then report new bugreport because developers rarely read comments for old bugs.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Jun 11 11:01:26 2025 UTC