moriyoshi               Wed Jun  4 10:53:31 2003 EDT

  Modified files:              (Branch: PHP_4_3)
    /php4       NEWS TODO_SEGFAULTS 
  Log:
  BFN updates
  
  
Index: php4/NEWS
diff -u php4/NEWS:1.1247.2.238 php4/NEWS:1.1247.2.239
--- php4/NEWS:1.1247.2.238      Wed Jun  4 01:54:18 2003
+++ php4/NEWS   Wed Jun  4 10:53:30 2003
@@ -15,6 +15,7 @@
 - Added DBA handler 'inifile' to support ini files. (Marcus)
 - Added a "DEBUG" note to 'php -v' output when --enable-debug is used. (Derick)
 - Added long options into CLI & CGI (e.g. --version). (Marcus)
+- Fixed integer overflows in base64_encode(). (Moriyoshi)
 - Fixed possible integer overflows in bundled GD library. (Ilia)
 - Fixed "mysql.connect_timeout" php.ini option to be settable with ini_set().
   (Rasmus)
Index: php4/TODO_SEGFAULTS
diff -u php4/TODO_SEGFAULTS:1.1.2.33 php4/TODO_SEGFAULTS:1.1.2.34
--- php4/TODO_SEGFAULTS:1.1.2.33        Tue Jun  3 19:57:58 2003
+++ php4/TODO_SEGFAULTS Wed Jun  4 10:53:31 2003
@@ -23,7 +23,8 @@
     flock (Sascha)
     register_shutdown_function (Sascha)
     mb_strcut('', [number greater than the length of first arg]) (Moriyoshi)
-    ext/exif, ext/dba (7) (Marcus)
+    ext/exif, ext/dba (Marcus)
+    php_base64_encode (Moriyoshi)
        
 Open:
 
@@ -32,8 +33,7 @@
     socket_select               (3)
     php_imagepolygon            (4)
     imagesetstyle               (5)
-    php_base64_encode          (6)
-    pack                       (7)
+    pack                        (6)
        
 (1) heap corruption, mostly visible in malloc-related calls.  Whether you see 
     this or not might depend on your libc/compiler.  Hard to track down,
@@ -83,11 +83,9 @@
     gdImageSetStyle function called by this php wrapper can die for the
     same reason.  
 
-(6) integer overflow if the specified string is longer then ~1.1 billion bytes.
+(6) multiple integer overflows, ex. pack("d4294967297", 2);
 
-(7) multiple integer overflows, ex. pack("d4294967297", 2);
-
-Ammendment 1.
+Amendment 1.
 
 CFLAGS='-O0 -g' \
 '../src/php4/configure' \



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to