From:             [EMAIL PROTECTED]
Operating system: all
PHP version:      4.0 Latest CVS (04/04/2001)
PHP Bug Type:     Unknown/Other Function
Bug description:  potential Bufferoverflow in extensions based on skeleton...

When i was looking through the CVS version of php, i discovered the following piece of 
code in skeleton.c


        zval **arg;
        int len;
        char string[256];
len = sprintf(string, "Congratulations, you have successfully modified ....
t/extname/config.m4, module %s is compiled into PHP", Z_STRVAL_PP(arg));


of course the sprintf could be used to perform a standart bufferoverflow. It should be 
better changed into ... %.50s ... or similiar to do not create a potential 

As far as i can see ircg and cybermut sources still have the compile confirmation in 

Stefan Esser

Edit Bug report at:

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to