On Sun, 5 Feb 2012 10:55:39 -0000, Nuno Lopes wrote:
I didn't carefully review this patch, but doesn't this code suffer
from potential math overflow?
i.e. with strlen($input_str) > INT_MAX/2  (or UINT_MAX/2)

All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem).

Gustavo Lopes

PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to