[PHP-CVS] cvs: php4(PHP_4_3) / TODO_SEGFAULTS

Ilia Alshanetsky Thu, 03 Apr 2003 16:42:36 -0800

iliaa           Thu Apr  3 19:44:35 2003 EDT

  Modified files:              (Branch: PHP_4_3)
    /php4       TODO_SEGFAULTS 
  Log:
  More gd stuff.
  
  
Index: php4/TODO_SEGFAULTS
diff -u php4/TODO_SEGFAULTS:1.1.2.23 php4/TODO_SEGFAULTS:1.1.2.24
--- php4/TODO_SEGFAULTS:1.1.2.23        Thu Apr  3 19:29:37 2003
+++ php4/TODO_SEGFAULTS Thu Apr  3 19:44:34 2003
@@ -28,6 +28,7 @@
     chunk_split                 (3)
     socket_select               (4)
     php_imagepolygon           (5)
+    imagesetstyle              (6)
        
 (1) heap corruption, mostly visible in malloc-related calls.  Whether you see 
     this or not might depend on your libc/compiler.  Hard to track down,
@@ -79,6 +80,10 @@
 (5) integer overflow inside php_imagepolygon and possible subsequent 
     integer overflows inside gdlib's gdImageFilledPolygon().
 
+(6) integer overflow if the number of elements in the array passed as
+    second argument * sizeof(int) result in an overflow.
+    gdImageSetStyle function called by this php wrapper can die for the
+    same reason.  
 
 Ammendment 1.




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php4(PHP_4_3) / TODO_SEGFAULTS

Reply via email to