Fix PHP8 crash due to insufficient isset test#670
Merged
mblaney merged 1 commit intosimplepie:masterfrom Jan 31, 2021
Merged
Conversation
Alkarex
commented
Jan 29, 2021
library/SimplePie/Item.php
Outdated
| if (isset($enclosure[0]['attribs']['']['length'])) | ||
| if (!empty($enclosure[0]['attribs']['']['length'])) | ||
| { | ||
| $length = ceil($enclosure[0]['attribs']['']['length']); |
Contributor
Author
There was a problem hiding this comment.
Here was the actual crash with PHP8+
Member
There was a problem hiding this comment.
It will still crash when invalid enclosure="foo" attribute is provided. Perhaps rather than checking emptiness, we should check if the value is a number.
Contributor
Author
Contributor
Author
There was a problem hiding this comment.
intval() will cast any wrong value to 0, which is also the behaviour for ceil() in PHP7-
Member
There was a problem hiding this comment.
That should work (with slightly different semantics for numbers with decimal point) but now the ceil is not longer necessary.
Contributor
Author
There was a problem hiding this comment.
Ah, right, on mobile now, but will simplify tomorrow
Contributor
Author
There was a problem hiding this comment.
Otherwise floatval() could be an option to keep ceil()
Contributor
Author
There was a problem hiding this comment.
intval() is probably better, since length and fileSize are both expressed in bytes anyway
Contributor
Author
|
The Travis integration does not work, but I passed the tests manually, and they are unchanged before/after my PR: |
Member
|
thanks for fixing the |
Contributor
Author
|
@mblaney I kept |
`ceil()` crashes in PHP8+ in case of invalid input such as empty string. `intval()` fixes the problem with almost identical beahviour than `ceil()` in PHP7- (except for flotting point values) #fix FreshRSS/FreshRSS#3401 (crash with PHP 8+) Example with feed http://podcast.hr2.de/derTag/podcast.xml ```xml <enclosure url="https://mp3podcasthr-a.akamaihd.net:443/mp3/podcast/derTag/derTag_20210129_87093232.mp3" length="" type="audio/mpeg"/> ``` `isset("")` passes and then `ceil("")` crashes due to wrong type in PHP8+: ``` Uncaught TypeError: ceil(): Argument #1 ($num) must be of type int|float, string given in ./SimplePie/SimplePie/Item.php:2871 ```
6abfae5 to
6323ec7
Compare
Contributor
Author
|
@mblaney I have reverted to address only the specific problem of |
Alkarex
added a commit
to FreshRSS/FreshRSS
that referenced
this pull request
Jan 31, 2021
#fix #3401 (crash with PHP 8+) `ceil()` crashes in PHP8+ in case of invalid input such as empty string. `intval()` fixes the problem with almost identical behaviour than `ceil()` in PHP7- (except for floating point values) #fix #3401 (crash with PHP 8+) Example with feed http://podcast.hr2.de/derTag/podcast.xml ```xml <enclosure url="https://mp3podcasthr-a.akamaihd.net:443/mp3/podcast/derTag/derTag_20210129_87093232.mp3" length="" type="audio/mpeg"/> ``` `isset("")` passes and then `ceil("")` crashes due to wrong type in PHP8+: ``` Uncaught TypeError: ceil(): Argument #1 ($num) must be of type int|float, string given in ./SimplePie/SimplePie/Item.php:2871 ``` Upstream patch simplepie/simplepie#670
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
#fix FreshRSS/FreshRSS#3401 (crash with PHP 8+)
ceil()crashes in PHP8+ in case of invalid input such as empty string.intval()fixes the problem with almost identical behaviour thanceil()in PHP7- (except for floating point values)#fix FreshRSS/FreshRSS#3401 (crash with PHP 8+)
Example with feed http://podcast.hr2.de/derTag/podcast.xml
isset("")passes and thenceil("")crashes due to wrong type in PHP8+: