Marten,
This should be fixed in the latest CVS. Thanks for reporting it with an
easily reproducible code snippet!
Zeev
At 17:55 5/2/2001, Mårten Gustafsson wrote:
>Tried my snippet on a Linux box runnig PHP 4.0.4pl1 with an interesting
>result; it displayed the source code for both PHP and HTML files from other
>virtual hosts on the machine! Surly this should not be possible.
>
>
>-Mårten.
>Icq# 38863127
>
>
>
>-----Original Message-----
>From: Mårten Gustafsson [mailto:[EMAIL PROTECTED]]
>Sent: Monday, February 05, 2001 4:12 PM
>To: [EMAIL PROTECTED]
>Subject: [PHP-DEV] Reading memory "before" a variable
>
>
>Using PHP 4.0.4 for Windows it is possible to access memory "before" a
>variable using a negative index on a string variable.
>
>Executing the snippet below outputs a lot of trash but alos the entire
>source code of a file that is auto prepended.
>
>
><?php
>$str = '';
>$hello = 'Hello';
>for($i = 0; $i > -10000; $i--)
>{
> $str .= $hello[$i];
>}
>echo strrev($str);
>?>
>
>
>-Mårten.
>Icq# 38863127
>
>
>--
>PHP Development Mailing List <http://www.php.net/>
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
>
>--
>PHP Development Mailing List <http://www.php.net/>
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
Zeev Suraski <[EMAIL PROTECTED]>
CTO & co-founder, Zend Technologies Ltd. http://www.zend.com/
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
