Package: libtidy-0.99-0
Version: 20080116cvs-2
Severity: grave
Justification: renders package unusable
When used within PHP, the allowed memory size from PHP is exceeded:
[EMAIL PROTECTED]:~/src$ cat debian-5.2.4-tidy-crash.php
<?php
$sHtml = <<<HTML
<html>
<body>
<h1>test</h1>
</body>
</html>
HTML;
$oTidy = tidy_parse_string($sHtml);
[EMAIL PROTECTED]:~/src$ /usr/bin/php debian-5.2.4-tidy-crash.php
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to
allocate 141265660 bytes) in /home/mfischer/src/debian-5.2.4-tidy-crash.php on
line 9
Call Stack:
0.0003 51896 1. {main}()
/home/mfischer/src/debian-5.2.4-tidy-crash.php:0
0.0003 52048 2. tidy_parse_string()
/home/mfischer/src/debian-5.2.4-tidy-crash.php:9
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file 'unknown')
The reason I'm filing this against the libtidy-0.99-0 package is that this does
not happen with libtidy-0.99-0=20051018-1 .
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-vserver-k7 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libtidy-0.99-0 depends on:
ii libc6 2.7-6 GNU C Library: Shared libraries
libtidy-0.99-0 recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
