This is starting to sound like the dispute in the initial bug
report... Regardless of the root cause, this is a serious bug in PHP
which exposes any script using gzinflate to denial-of-service attacks.
While I'm sure extending zlib provides the most elegant fix to this
problem, it should be possible to protect PHP scripts from crashes
without such extensions. At the very least, the documentation should
include a warning about this vulnerability... I agree that a bug
should be filed against zlib as well, but I don't understand why there is
so much resistance to tracking this in the PHP bug database. I am not
the right person to file the zlib bug since I don't know enough about
what is needed there, but I can open a new bug in the PHP db if reopening
30153 is not the right answer.

Tim

George Schlossnagle wrote:
> On Oct 4, 2005, at 11:50 AM, Tim Nufire wrote:
>
>> Rasmus,
>>
>> Thanks for the response. Unfortunately, I don't have any great ideas
>> on how to patch this and for now have just stopped using gzinflate
>> :-/ Is there a way to reopen bug 30153? That description of this
>> issue is pretty good and, even if the bug is hard to fix, it should
>> still be tracked somewhere....
>
> You should file a bug against zlib, as it is the library that needs
> to export these sorts of validation methods. If/when zlib supports
> this sort of feature, PHP will support it.
>
> George

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php