ummp, sorry for my ignorant, when segfualt consider as "potential security report"?
i put similar (?) example in the past on the bugs.php.net that's live there open about 2 month's till wez fix it, without considering the last sascha integer overflow hunting project... -- moshe "Simon Ejsing" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've discovered a serious flaw and possibly a security issue in PHP. It is possible, by making a simple request to a PHP page, to crash the PHP thread with a Segmentation fault, no matter what the script does as it crashes before execution. I'm using PHP version 4.3.2 with Apache 2.0.46 on Linux, and have not found anything about this issue in the bug system. I have not tested with any other version, nor have I looked into a specific configuration to avoid this problem. I'm not sure where to report this issue, I don't want to explain how to do this to everyone, so if I could contact a developer personally I could explain the simple procedure. - -- Simon Ejsing, Systemudvikler esoft ApS, http://www.esoft.dk Kongensgade 66-68, DK-5000 Odense C. Tlf: 70 222 466, Fax: 63 122 466 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE++sKv0ZtqfKNZvaARAvs1AJwJpkBTVJLkPB1bSgbXM+it0ophyACfcAgL bp/REaKd9w792qGx6D7WYRE= =yiK0 -----END PGP SIGNATURE----- -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
