Issues

ZF-3310: Issue with Zend_XmlRpc_Value_Integer when casting a bigint

Description

Hi,

There is an issue with Zend_XmlRpc_Value_Integer there :


    public function __construct($value)
    {
        $this->_type = self::XMLRPC_TYPE_INTEGER;
        $this->_value = (int)$value;    // Make sure this value is integer
    }

If we receive a value bigger than 2 147 483 647 then the value is truncated.

Comments

Please evaluate and fix/categorize as necessary.

Isn't the XML-RPC spec that i4/int is a four-byte signed integer? The only way you're receiving or sending an integer > +2,147,483,647 is if the either you or the other end is breaking spec.

Hello, all.

I think 2 solutions. Do you think which is better?

1) The Zend_XmlRpc_Value_Integer throws exception if the $value is bigger than 2 147 483 647 .

2) We will recommend to validate parameter before using Zend_XmlRpc_Value_Integer in reference manual.

I would suggest that an exception is thrown (option 1) as an big integer (within xmlrpc) is an i8 type not int or i4

2147483648 invalid (throw error) 2147483648 no problem its a big int the other side is telling me.

I've fixed this issue by just throwing an exception when an overlong integer is passed. I think supporting the non-standardized i8 element will be a good idea though, as it is implemented pretty widely. Resolved in r17753

Thanks, Lars. I set the Fix Version.