Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PHP Array and Null Bytes

From: Stefan Lochbihler <steve01 () chello at>
Date: Sat, 11 Nov 2006 21:06:29 +0100
Before i start to read the whole source please tell me if php act according to the rules.
Once again - when i create the following array with apostrophes <http://odge.de/englisch-deutsch/apostrophe.html> in php 

arr['\0'] = ...

the output from <<print_r>> is as  follow: Array( [\0]  ...)

When i create the array with quotes the output is as follow:

arr["\0"] = ... Array ( Null Byte)

When i create the array from the url with register globals on

arr[%00]  the output is as follow:  Simply nothing  !

PS: read the php source, 'array's are implemented in Zend/zend_hash.c
I know that i could do this, but it cost a lot of time and therefor i decided 
     to ask someone who may had the same problem :-)

regards

Steve






upb schrieb:

read the php source, 'array's are implemented in Zend/zend_hash.c :)

On 11/10/06, Stefan Lochbihler <steve01 () chello at> wrote:


Hi guys,

some questions to NULL Bytes within PHP Arrays.

Let us assume there exist a php script with the following code.

$erg=$_GET['show']

if(!isset($arr[$erg]) $erg="something";

$arr is a predefined variable but with "register globals on" it would be
possible to set your own Array Key. This means when you set

$erg=test
$arr[test]

you could deliver almost every chars you want. My problem is that
i want to deliver a content like that.

$erg=index.html%00
$arr[index.html%00]

The problem is that the Null Byte within the array destroy the array.
My question is if there exist a way to avoid the Null Byte within
the array. For example (im not really familiar with charsets)
to create the Null Byte with the help of f.e. UTF-7 encoded
chars.

If someone has an idea please let me know.

Best regards

Steve



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Attachment: steve01.vcf
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: