On Fri, 03 Feb 2012 13:03:24 +0100, Gustavo Lopes <glo...@nebm.ist.utl.pt>
wrote:
> On Fri, 03 Feb 2012 12:06:26 +0100, Stefan Esser
> <stefan.es...@sektioneins.de> wrote:
> [snip]
>> obviously inside PHP no one cares about reviewing security patches.
> Perhaps then you'd want to comment on:
> http://nebm.ist.utl.pt/~glopes/misc/bug60227.diff, which addresses the
> NUL byte issue, although now I'm thinking that since we're in the
> business of validating HTTP headers, we could also forbid the other
> control characters that are forbidden by the spec (not just LF and CR).
I've committed a different version that also forbids \0 (since, as Stefan
says, a NUL byte can result in the truncation of the rest of the header)
and that accepts a CRLF:
http://svn.php.net/viewvc/php/php-src/trunk/main/SAPI.c?r1=323043&r2=323042&pathrev=323043
If you or anyone else find any problem, please report a bug; otherwise
I'll merge to 5.3 and 5.4 once 5.4 is out of code freeze.
Thanks
--
Gustavo Lopes
--
PHP Internals - PHP Runtime Development Mailing List
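As an added illustration of the kind of check discussed in this thread (example code written for this note, not the SAPI.c change linked above): a header-line validator that rejects NUL, bare CR, bare LF and the other control characters the spec forbids, and accepts a CRLF only as obsolete line folding (CRLF followed by SP or HTAB), which is an assumption about what "accepts a CRLF" means here. The function takes an explicit length so that an embedded NUL is seen rather than silently truncating the rest of the header.

```c
#include <stddef.h>
#include <stdio.h>

/* Pass a string literal together with its real length (embedded NUL included). */
#define HDR(lit) (lit), (sizeof(lit) - 1)

/* Assumed rule (not PHP's own code): return 1 if the header line may be sent,
 * 0 if it must be refused. Callers must pass the true length, never strlen(),
 * otherwise a NUL byte hides whatever follows it. */
int header_line_is_safe(const char *line, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)line[i];
        if (c == '\r') {
            /* CRLF immediately followed by SP/HTAB is a folded continuation
             * line; a CRLF followed by anything else would start a new header
             * (response splitting), so it is refused. */
            if (i + 2 < len && line[i + 1] == '\n' &&
                (line[i + 2] == ' ' || line[i + 2] == '\t')) {
                i += 2;
                continue;
            }
            return 0;
        }
        if (c == '\n' || c == '\0')
            return 0;            /* bare LF, or a NUL that would truncate the header */
        if (c == '\t')
            continue;            /* HTAB is allowed inside field values */
        if (c < 0x20 || c == 0x7f)
            return 0;            /* remaining control characters forbidden by the spec */
    }
    return 1;
}

int main(void)
{
    /* Constructed sample lines; the third and fourth would otherwise inject
     * a second header or cut the value short. */
    printf("%d\n", header_line_is_safe(HDR("X-Test: plain value")));            /* 1 */
    printf("%d\n", header_line_is_safe(HDR("X-Test: a\r\n\tfolded")));          /* 1 */
    printf("%d\n", header_line_is_safe(HDR("X-Test: a\r\nSet-Cookie: x=1")));   /* 0 */
    printf("%d\n", header_line_is_safe(HDR("X-Test: a\0Set-Cookie: x=1")));     /* 0 */
    return 0;
}
```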