RE: [PHP-DEV] [patch] Late static bindings (LSB)

2007-09-18 Thread Dmitry Stogov
Hi Michael, Good catch. You can get the behavior that you expect by enabling (#ifdef ZEND_LSB2) in my patch. Tests lsb_018.phpt and lsb_019.phpt are especially for this behavior. I am not sure which behavior should be in final patch. It seems like support for inheritance provides more flexibility,

Re: [PHP-DEV] [patch] Late static bindings (LSB)

2007-09-18 Thread Michael Lively
There is a serious problem with both of these patches as they are now. I understand the principle behind Returning 'A'. But I don't think that it is wise making this change without providing a way to still allow LSB to work further down an inheritance structure. The whole purpose behind lat

Re: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread Stanislav Malyshev
ah, so it's a glibc issue then? istr a similar thing come up with truetype fonts that ended up being a bug in the tr1 lib, but because the PoC used php it was classified as a php vulnerability. if it's the same case here then i think the onus is on glibc... I've just committed a patch for that

Re: Bug#442250: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread Pierre Habouzit
tag 442250 + wontfix thanks On Tue, Sep 18, 2007 at 09:48:55PM +, sean finney wrote: > iconv_t > iconv_open (const char *tocode, const char *fromcode) > { > char *tocode_conv; > char *fromcode_conv; > size_t tocode_len; > size_t fromcode_len; > __gconv_t cd; > int res; > > /* No

Re: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread sean finney
hi stanislav, (hope you don't mind i'm going to cc this off to a few addresses, no need to keep them cc'd for further correspondence though) On Tuesday 18 September 2007 10:56:16 pm Stanislav Malyshev wrote: > > ah, so it's a glibc issue then? istr a similar thing come up with > > truetype font

Re: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread Stanislav Malyshev
ah, so it's a glibc issue then? istr a similar thing come up with truetype fonts that ended up being a bug in the tr1 lib, but because the PoC used php it was classified as a php vulnerability. if it's the same case here then i think the onus is on glibc... Well, I think we can still impose li

Re: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread sean finney
On Tuesday 18 September 2007 09:54:05 pm Stanislav Malyshev wrote: > > i'm just going through the latest batch of CVE's and it doesn't look like > > there's a fix for CVE-2007-4840 yet: > > It's funny that glibc bug gets listed as PHP issue. But I think we may > impose limit on charset length for i

Re: [PHP-DEV] CVE-2007-4840

2007-09-18 Thread Stanislav Malyshev
i'm just going through the latest batch of CVE's and it doesn't look like there's a fix for CVE-2007-4840 yet: It's funny that glibc bug gets listed as PHP issue. But I think we may impose limit on charset length for iconv. -- Stanislav Malyshev, Zend Software Architect [EMAIL PROTECTED] htt

[PHP-DEV] CVE-2007-4840

2007-09-18 Thread sean finney
hey guys, i'm just going through the latest batch of CVE's and it doesn't look like there's a fix for CVE-2007-4840 yet: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4840 Description PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application c

[PHP-DEV] bug in odbc extension http://bugs.php.net/bug.php?id=37527

2007-09-18 Thread Alexandra S.
Hi, I have been trying to work on this bug. The problem here is in this scenario: 1. odbc connection is established. 2. odbc connection is closed. 3. trying to do a request (example: odbc_exec) to the database using the closed connection -> crash. As far as I can understand from readin

[PHP-DEV] Function php_is_url() not defined

2007-09-18 Thread P
Hi, I am looking for the php_is_url() function. It is documented in Sara's book, declared in main/fopen_wrappers.h, but not defined anywhere. It was defined in main/fopen_wrappers.c v 1.34 to detect only http/ftp URLs, as they were probably the only possible URLs, and was removed in v 1.107. I

[PHP-DEV] SetEnv PHPRC and Apache CGI redirection

2007-09-18 Thread Tienshiao Ma
Hi all, I did a quick search in the bug tracker and the mailing list archives and didn't see anything. It looks like SetEnv PHPRC and Apache CGI redirection are not compatible. When Apache is configured as indicated at http://php.net/security.cgi-bin and as recommended at http://www.php.net

Re: [PHP-DEV] PHP 5.3 Suggested Feature List (Summary)

2007-09-18 Thread Derick Rethans
On Sun, 16 Sep 2007, Ilia Alshanetsky wrote: > On 16-Sep-07, at 1:02 PM, Steph Fox wrote: > > > Mmm... but that means dictating which features can or can't go into > > an extension or a specific build system purely on the level of > > outside interest in them. > > Steph, isn't the goal of "cor