Details
-
Type:
Improvement
-
Status:
Resolved
-
Priority:
Trivial
-
Resolution: Fixed
-
Affects Version/s: 1.6.0, 1.6.1, 1.6.2, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 1.7.8, 1.7.9, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.8.5, 1.9.0, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.10.0, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.10.5
-
Fix Version/s: 1.11.6
-
Component/s: Zend_Amf
-
Labels:None
Description
In the _handle() method in Zend_Amf_Server, there is a try/catch block that uses a variable ($message) that sometimes isn't initialized.
Line 507-571
try { if ($handleAuth) { if ($this->_handleAuth( $headers[Zend_Amf_Constants::CREDENTIALS_HEADER]->userid, $headers[Zend_Amf_Constants::CREDENTIALS_HEADER]->password)) { // *snip* // _handleAuth throws an exception when authentication failes } } if ($objectEncoding == Zend_Amf_Constants::AMF0_OBJECT_ENCODING) { $message = ''; // *snip* } else { $message = $body->getData(); // *snip* } } catch (Exception $e) { $return = $this->_errorMessage($objectEncoding, $message, $e->getMessage(), $e->getTraceAsString(),$e->getCode(), $e->getLine()); }
As you can see, when _handleAuth() throws an exception, the $message variable in the catch block isn't set, resulting in a PHP Notice in the AMF response.
The fix would be initializing $message above the try/catch, or checking if it exists in the catch block.
Thank You for report. Solved at SVN r23896.