ID: 11364 Comment by: softcore-fast803 at hotmail dot com Reported By: sebastien dot blon at nfrance dot com Status: Closed Bug Type: Output Control Operating System: OpenBSD 2.7 PHP Version: 4.0.4pl1 New Comment:
<a href=http://my-fastpantyhosesof.da.ru>softcore fast</a> Previous Comments: ------------------------------------------------------------------------ [2001-06-08 15:20:10] [EMAIL PROTECTED] This should be fixed in PHP 4.0.5. But please try the soon to be released 4.0.6 release candidate 3: http://www.php.net/~andi/php-4.0.6RC3.tar.gz --Jani ------------------------------------------------------------------------ [2001-06-08 14:37:20] sebastien dot blon at nfrance dot com Our apache server crashed several times. We found out that before each crash, the error_log file grows up to 2 GBytes, containing the HTML code from one page of a particular site (always the same page). We checked this page and found that it was using ob_start() function. After the desactivation of this function in php.ini, the server does not crash any more. We think there is perhaps a potential security hole in this function because if datas can be writen into error_log , they might be written anywhere else. Let us know about it Regards, S�bastien BLON ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=11364&edit=1
