ID: 15772
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Closed
Bug Type: *General Issues
Operating System: all
PHP Version: 4.0.6
New Comment:
You are again wrong, cnt must be supplied.
I advise you to think before you speak.
A POST fileupload block can have lots of '\0's in it.
Without the number of bytes it would be impossibe to
handle such a block.
Previous Comments:
------------------------------------------------------------------------
[2002-02-28 04:59:29] [EMAIL PROTECTED]
I'll admit that I did not examine the rest of the program to see if the
buffer was '\0'-terminated, however if it is, it's not just me that
thought it wasn't - whoever wrote the routine thought it wasn't either.
Otherwise there wouldn't even be any point in passing the buffer length
to the function, or the main loop's "while (ptr - buf < cnt)" or indeed
half the function.
As to providing patches, I know from experience that what you tend to
do with them is ignore them, insult them, re-write them badly and apply
them six months later, and then fail to credit. Plus I see no point in
providing band-aids in a futile attempt to cover the gaping wounds in
PHP. I *can* give you the fix I recommend to people for PHP, however,
which is 'rm -rf php-*' ;-)
------------------------------------------------------------------------
[2002-02-28 03:21:22] [EMAIL PROTECTED]
We can search and fix what's wrong if there is a bug description, but
it would nice if you could post patch to php-dev directly. We know PHP
has many bugs and appreciate patches fixes bugs.
You have skills, right :)
------------------------------------------------------------------------
[2002-02-28 03:02:27] [EMAIL PROTECTED]
Your claims are simply wrong.
Not a single str* function is able to read beyond the
buffer, cause the buffer is '\0' terminated and
strcmp/strcasecmp whatever will stop there.
------------------------------------------------------------------------
[2002-02-27 23:42:47] [EMAIL PROTECTED]
Fine by me, but the problems are not fixed in CVS. You asked me for
more specifics, I gave them to you.
------------------------------------------------------------------------
[2002-02-27 23:34:49] [EMAIL PROTECTED]
The specific memchr()+1 issue is fixed in CVS which was the only useful
part of this bug report. We close bugs when they are fixed in CVS, not
when we ship releases.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15772
--
Edit this bug report at http://bugs.php.net/?id=15772&edit=1
