On Sun, Jan 12, 2003 at 12:12:39AM +0100, Sascha Schumann wrote:
>     As many past security advisories have shown, signedness
>     issues are the frequent cause for severe vulnerabilities in
>     software (recent examples include MySQL, OpenBSD kernel).

Actually, code like the one below produces vulnerable runtimes because
the length of the string is expected to be a positive integer value...

int maxlen;
...
/* signed comparison: a negative length is never "> maxlen", so it passes */
if ((int)Z_STRLEN_P(length) > maxlen) {
        RETURN_FALSE;
}
/* the same negative length is converted to size_t here and becomes huge */
memcpy(allocated_buf, Z_STRVAL_P(length), Z_STRLEN_P(length));

>     Any objections?

No objection from me.

Moriyoshi 
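As an added illustration (not code from the PHP source or from the mail), the signed-length check quoted above beside a length-safe version: Z_STRLEN_P() is stood in for by a plain int parameter, and the buffer size and source string are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern from the mail: the bound is checked with a signed
 * comparison, then the same value becomes memcpy's size_t argument.
 * Returns the size memcpy would receive, or 0 when the check rejects. */
size_t vulnerable_copy_size(int str_len, int maxlen)
{
    if (str_len > maxlen) {
        return 0;                 /* RETURN_FALSE in the original */
    }
    /* A negative str_len reaches here: -1 > maxlen is false, but
     * (size_t)-1 == SIZE_MAX, so memcpy would run far past both buffers. */
    return (size_t)str_len;
}

/* Hardened pattern: reject negative lengths explicitly, then compare in
 * size_t, the type memcpy actually uses, before copying. */
int safe_copy(char *dst, size_t dst_size, const char *src, int str_len)
{
    if (str_len < 0) {
        return -1;
    }
    size_t n = (size_t)str_len;
    if (n > dst_size) {
        return -1;
    }
    memcpy(dst, src, n);
    return (int)n;
}

/* Drives safe_copy() against a fixed 16-byte buffer and a constructed
 * 32-byte source; returns safe_copy()'s result so it can be checked. */
int demo_safe_copy(int str_len)
{
    static const char src[] = "0123456789abcdef0123456789abcdef";
    char dst[16];
    memset(dst, 0, sizeof dst);
    return safe_copy(dst, sizeof dst, src, str_len);
}

int main(void)
{
    printf("signed check, len -1: memcpy size %zu\n", vulnerable_copy_size(-1, 16));
    printf("safe_copy,    len -1: %d\n", demo_safe_copy(-1));
    printf("safe_copy,    len  8: %d\n", demo_safe_copy(8));
    return 0;
}
```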

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php