ZF-10023: Zend_Amf_Server->_handle() sometimes uses uninitialized variable (resulting in PHP notice in AMF response)
Description
In the _handle() method in Zend_Amf_Server, there is a try/catch block that uses a variable ($message) that sometimes isn't initialized.
Lines 507-571
    try {
        if ($handleAuth) {
            if ($this->_handleAuth(
                $headers[Zend_Amf_Constants::CREDENTIALS_HEADER]->userid,
                $headers[Zend_Amf_Constants::CREDENTIALS_HEADER]->password)) {
                // *snip*
                // _handleAuth throws an exception when authentication fails
            }
        }
        if ($objectEncoding == Zend_Amf_Constants::AMF0_OBJECT_ENCODING) {
            $message = '';
            // *snip*
        } else {
            $message = $body->getData();
            // *snip*
        }
    } catch (Exception $e) {
        // $message is not yet assigned here when _handleAuth() threw
        $return = $this->_errorMessage($objectEncoding, $message,
            $e->getMessage(), $e->getTraceAsString(), $e->getCode(), $e->getLine());
    }
As you can see, when _handleAuth() throws an exception, the $message variable in the catch block isn't set, resulting in a PHP Notice in the AMF response.
The fix would be initializing $message above the try/catch, or checking if it exists in the catch block.
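The pattern described in this report and the first suggested fix (initializing the variable above the try/catch), as an added example that is not part of the original report or of Zend Framework's code. The functions handleAuth(), errorMessage(), handleBuggy() and handleFixed() and the credentials are hypothetical stand-ins for illustration.

```php
<?php
// Added illustration: hypothetical stand-ins, not Zend_Amf_Server code.

// Stand-in for _handleAuth(): throws when authentication fails.
function handleAuth(string $user, string $pass): bool
{
    if ($user !== 'alice' || $pass !== 'constructed-secret') {
        throw new Exception('Invalid credentials', 401);
    }
    return true;
}

// Stand-in for _errorMessage(): builds the error reply from the request message.
function errorMessage($message, string $description): array
{
    return ['request' => $message, 'fault' => $description];
}

// Before: $message is first assigned after the call that may throw.
function handleBuggy(string $user, string $pass, string $body): array
{
    try {
        handleAuth($user, $pass);
        $message = $body;
        return ['request' => $message, 'fault' => null];
    } catch (Exception $e) {
        return errorMessage($message, $e->getMessage()); // $message is undefined here
    }
}

// After: $message has a defined value on every path into the catch block.
function handleFixed(string $user, string $pass, string $body): array
{
    $message = '';
    try {
        handleAuth($user, $pass);
        $message = $body;
        return ['request' => $message, 'fault' => null];
    } catch (Exception $e) {
        return errorMessage($message, $e->getMessage());
    }
}

// Collect diagnostics instead of letting PHP write them into the output stream.
$diagnostics = [];
set_error_handler(function (int $no, string $text) use (&$diagnostics): bool {
    $diagnostics[] = $text;
    return true;
});

handleBuggy('mallory', 'wrong', 'constructed request body');
$buggyCount = count($diagnostics);
handleFixed('mallory', 'wrong', 'constructed request body');
printf("buggy: %d diagnostic(s), fixed: %d\n", $buggyCount, count($diagnostics) - $buggyCount);
```

The error handler catches the undefined-variable diagnostic whether the running PHP version raises it as a notice or as a warning.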
Comments
Posted by Satoru Yoshida (satoruyoshida) on 2011-04-30T02:08:03.000+0000
Thank you for the report. Solved at SVN r23896.
Posted by Ralph Schindler (ralph) on 2011-05-03T15:00:19.000+0000
Fixed in release branch 1.11 at r23897