ZF-3310: Issue with Zend_XmlRpc_Value_Integer when casting a bigint
Description
Hi,
There is an issue with Zend_XmlRpc_Value_Integer there :
public function __construct($value)
{
$this->_type = self::XMLRPC_TYPE_INTEGER;
$this->_value = (int)$value; // Make sure this value is integer
}
If we receive a value bigger than 2 147 483 647 then the value is truncated.
Comments
Posted by Wil Sinclair (wil) on 2008-06-07T21:51:32.000+0000
Please evaluate and fix/categorize as necessary.
Posted by Darien Hager (hagerd) on 2008-08-12T12:04:33.000+0000
Isn't the XML-RPC spec that i4/int is a four-byte signed integer? The only way you're receiving or sending an integer > +2,147,483,647 is if the either you or the other end is breaking spec.
Posted by old of Satoru Yoshida (yoshida@zend.co.jp) on 2008-09-11T04:09:16.000+0000
Hello, all.
I think 2 solutions. Do you think which is better?
1) The Zend_XmlRpc_Value_Integer throws exception if the $value is bigger than 2 147 483 647 .
2) We will recommend to validate parameter before using Zend_XmlRpc_Value_Integer in reference manual.
Posted by Michiel Brandenburg (apex) on 2009-06-05T07:03:38.000+0000
I would suggest that an exception is thrown (option 1) as an big integer (within xmlrpc) is an i8 type not int or i4
2147483648 invalid (throw error) 2147483648 no problem its a big int the other side is telling me.
Posted by Lars Strojny (lars) on 2009-08-22T09:12:04.000+0000
I've fixed this issue by just throwing an exception when an overlong integer is passed. I think supporting the non-standardized i8 element will be a good idea though, as it is implemented pretty widely. Resolved in r17753
Posted by Satoru Yoshida (satoruyoshida) on 2009-08-25T22:40:34.000+0000
Thanks, Lars. I set the Fix Version.