From: Christoph M. Becker Date: Sun, 13 Aug 2017 18:51:53 +0000 (+0200) Subject: Fixed bug #73793 (WDDX uses wrong decimal seperator) X-Git-Tag: php-7.0.23RC1~6 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f64be0b0135f742df31bc97dd3c04f84f342878e;p=php Fixed bug #73793 (WDDX uses wrong decimal seperator) The WDDX specification[1] requires to serialize floats with a decimal point, but `snprintf()` is locale-dependent and may use a decimal comma. We fix that afterwards by replacing an eventual comma with a point. [1] --- diff --git a/NEWS b/NEWS index 8920376b4d..0723d99231 100644 --- a/NEWS +++ b/NEWS @@ -58,6 +58,9 @@ PHP NEWS . Fixed bug #75054 (A Denial of Service Vulnerability was found when performing deserialization). (Nikita) +- WDDX: + . Fixed bug #73793 (WDDX uses wrong decimal seperator). (cmb) + - XMLRPC: . Fixed bug #74975 (Incorrect xmlrpc serialization for classes with declared properties). (blar) diff --git a/ext/wddx/tests/bug73793.phpt b/ext/wddx/tests/bug73793.phpt new file mode 100644 index 0000000000..fed4b3525f --- /dev/null +++ b/ext/wddx/tests/bug73793.phpt @@ -0,0 +1,18 @@ +--TEST-- +Bug #73793 (WDDX uses wrong decimal seperator) +--SKIPIF-- + +--FILE-- + 5.1])); +?> +===DONE=== +--EXPECT-- +string(120) "
5.1" +===DONE=== diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index c1fe0204a5..d67ee47c2a 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -420,11 +420,15 @@ static void php_wddx_serialize_string(wddx_packet *packet, zval *var) */ static void php_wddx_serialize_number(wddx_packet *packet, zval *var) { - char tmp_buf[WDDX_BUF_LEN]; + char tmp_buf[WDDX_BUF_LEN], *dec_point; zend_string *str = zval_get_string(var); snprintf(tmp_buf, sizeof(tmp_buf), WDDX_NUMBER, ZSTR_VAL(str)); zend_string_release(str); + dec_point = strchr(tmp_buf, ','); + if (dec_point) { + *dec_point = '.'; + } php_wddx_add_chunk(packet, tmp_buf); } /* }}} */