On 30.01.2015 20:09, "Leigh" <lei...@gmail.com> wrote:
>
> Well, I guess in theory we should be limiting the size of input to
> gethostbyname to 255 characters.

Yeah, but in theory the C library gethostbyname() should do the same...
There will be a lot of things that could be checked up-front instead of
relying on the C layer stuff to do its work. Do you want to pre-examine
pathnames regarding maximum path name lengths? Check the fopen mode
parameter for POSIX-valid content? There's a zillion ways libc might be
vulnerable. And any such up-front check in PHP might then be blessed with
exploitable bugs itself...

best regards
  Patrick
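An up-front hostname check of the kind Leigh describes, as an added example in C rather than code from either writer or from PHP; it assumes the RFC 1035 limits (255 bytes total, 1 to 63 bytes per label, letters, digits and hyphens only) and, as Patrick points out, it complements the libc-level fix rather than replacing it.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed example: validate a hostname before passing it to
 * gethostbyname(). Limits assumed from RFC 1035: whole name at most
 * 255 bytes, each label 1..63 bytes of [A-Za-z0-9-], no label starting
 * or ending with '-'. A single trailing dot (fully qualified) is allowed. */
#define HOSTNAME_MAX 255
#define LABEL_MAX 63

bool hostname_ok(const char *name)
{
    if (name == NULL)
        return false;
    /* bounded length scan: never read past HOSTNAME_MAX + 1 bytes */
    size_t len = 0;
    while (len <= HOSTNAME_MAX && name[len] != '\0')
        len++;
    if (len == 0 || len > HOSTNAME_MAX)
        return false;

    size_t label_len = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {
            /* empty label ("a..b", leading '.') or label ending in '-' */
            if (label_len == 0 || name[i - 1] == '-')
                return false;
            label_len = 0;
            continue;
        }
        if (!(isalnum(c) || c == '-'))
            return false;            /* reject '_', spaces, bytes > 127 */
        if (label_len == 0 && c == '-')
            return false;            /* label may not start with '-' */
        if (++label_len > LABEL_MAX)
            return false;            /* label too long */
    }
    return name[len - 1] != '-';     /* last label may not end with '-' */
}

int main(void)
{
    const char *samples[] = { "example.com", "a-b.example.org.",
                              "-bad.example.com", "a..b", "a_b.com" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s %s\n", samples[i], hostname_ok(samples[i]) ? "ok" : "rejected");
    return 0;
}
```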
