Empty POST variables are not set when using PHP 5.6 #62

Closed
mgurm opened this issue Sep 5, 2014 · 1 comment

mgurm commented Sep 5, 2014

When a post variable is present but empty, it should be set to an empty string so that PHP scripts can check it with isset. However, I found that this does not work when using suhosin with PHP 5.6.0.

I wrote a minimal test case for this:

--TEST--
empty post variable test
--POST--
a=&b=test
--FILE--
<?php
var_dump($_POST);
?>
--EXPECTF--
array(2) {
  ["a"]=>
  string(0) ""
  ["b"]=>
  string(4) "test"
}

When I run this, it tells me that the non-empty variable b is set correctly, while the empty variable a is lost:

array(1) {
  ["b"]=>
  string(4) "test"
}

I have looked into this and I think the reason is the following code in post_handler.c at line 131:

        if (vlen) {
                vlen = php_url_decode(ksep, vlen);
        }

This skips the call to php_url_decode if the length of the post value is 0. The problem is that php_url_decode is the function that should truncate the ksep string, which will be used later on. So if that function call is skipped, ksep will be too long. This will lead the check in line 593 of ifilter.c to think that there was some kind of NULL byte attack, because strlen(val) != val_len, and thus the post variable will be thrown away.

I suggest fixing this by removing the if from post_handler.c, as there is no real reason to skip the php_url_decode call. That function just contains a loop that will never get executed if vlen == 0, and one line for the string truncation. See http://lxr.php.net/xref/PHP_5_6/ext/standard/url.c#570.
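
The interaction described in the report above, as an added example that is not part of the original post and is not Suhosin or PHP source: a simplified C model in which the decode step is the only place the value gets NUL-terminated, followed by a length check that drops any value whose strlen differs from its recorded length. The names url_decode, filter_accepts and first_value_survives are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for php_url_decode: decodes in place, then
 * NUL-terminates at the decoded length (the truncation step). */
static size_t url_decode(char *s, size_t len)
{
    char *dst = s;
    const char *src = s;
    while (len--) {
        if (*src == '+') {
            *dst = ' ';
        } else if (*src == '%' && len >= 2 &&
                   isxdigit((unsigned char)src[1]) &&
                   isxdigit((unsigned char)src[2])) {
            char hex[3] = { src[1], src[2], '\0' };
            *dst = (char)strtol(hex, NULL, 16);
            src += 2; len -= 2;
        } else {
            *dst = *src;
        }
        src++; dst++;
    }
    *dst = '\0';
    return (size_t)(dst - s);
}

/* Model of the length check: a value whose C-string length differs
 * from its recorded length is treated as a NUL-byte attack. */
static int filter_accepts(const char *val, size_t val_len)
{
    return strlen(val) == val_len;
}

/* Parses the first key=value pair of body and reports whether its value
 * passes the filter. skip_empty=1 reproduces the `if (vlen)` guard. */
static int first_value_survives(const char *body, int skip_empty)
{
    char buf[64] = {0};
    strncpy(buf, body, sizeof buf - 1);
    char *ksep = strchr(buf, '=');
    if (!ksep) return 0;
    ksep++;                             /* start of the value */
    size_t vlen = strcspn(ksep, "&");   /* value ends at '&' or end */
    if (!skip_empty || vlen)
        vlen = url_decode(ksep, vlen);  /* also terminates the value */
    return filter_accepts(ksep, vlen);
}
```

With the guard in place, the empty value of `a` in `a=&b=test` still points at `&b=test`, so the length check sees 7 bytes against a recorded length of 0 and drops it; an empty value at the very end of the body (`a=`) happens to survive because the buffer's own terminator follows it.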

@stefanesser
Collaborator

Added a better fix to the code.
