Did you find any bugs/problems related to this issue? The reason I ask is that we treat those pointers as pointers to data which is not ours. Later in the code where we actually use it, we create duplicates if necessary. That goes for the cookie_data, query_string and possibly other buffer pointers that we use. It allows us to be the most efficient, and duplicate if and only if necessary.
Zeev At 11:42 27-09-01, Martin Jahn wrote: >hello, > >i think i have a patch that should made it into your next release >candidate before the problem is forgoten: >the function sapi_module.read_cookies does return a pointer that is >allocated within the addresspace of the server (f.e. apache). this >is a violation of the idea behind modular programming. >the cookie_data should be properly estrduped to ensure, that >whatever a php extension does with the cookie_data it never >ever touches addresspace that was not allocated by php itself. >the patch i send you with this mail does exactly this: >1) estrdup cookie_data if != NULL >2) efree it on exit >martin -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
