Hi, >>> http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/SAPI.c?r1=317225&r2=318997 >> >> I'm sure we'd be more than happy to hear why it's broken and hear about >> possible suggested fixes. > > The purpose of the code is to detect all occurences of \r or \n not followed > by whitespace and error out. > It is obviously doing something else.
Just looking at the patch. The comment in the code states /* new line safety check */ but it cannot be a safety check as Stefan mentioned. It should be fixed, if it was intended as security measure. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net 2012/2/3 Stefan Esser <ste...@nopiracy.de>: > Hello Derick, > >>> * and most probably many more that I do not know from the top of my >>> head (this are already 9 features and Suhosin/HPHP exists since 2004 = >>> 8 years). >> >> Lots of stuff in PHP was also "stolen" from Xdebug, but I am not whining >> about that as the goal is (and has always been) to make PHP better. > > I am not whining of something being stolen I trying to demonstrate that a lot > of the features noone ever saw a need for in PHP have been cloned. > PHP devs repeatedly tell that Suhosin brings no additional value, while they > clone and clone every time they are hit by a nasty bug. > > >>> http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/SAPI.c?r1=317225&r2=318997 >> >> I'm sure we'd be more than happy to hear why it's broken and hear about >> possible suggested fixes. > > The purpose of the code is to detect all occurences of \r or \n not followed > by whitespace and error out. > It is obviously doing something else. > > Regards, > Stefan > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
