> I might be misunderstanding the problem and I didn't have time to read the
> phrack article, but doesn't this mean that leaving it unsigned is better?
> It wouldn't pass the length check and thus, memcpy() wouldn't convert a
> negative number to something huge.

The problem is that every single line of existing PHP extensions, both public and non-public, would need to be audited, if we were to switch the type, because 100% of the current code misinterprets data from the ZE2 API right now. Changing the API does not solve the existing problem, it merely adds to it.

For example, you can add a single central check to the engine today which checks string lengths to be at least 0. If the length field was changed to an unsigned type permanently, such a check would be impossible to implement in a portable way, because C does not define how a negative number will appear when cast to an unsigned type.

- Sascha
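
Added example, not part of the original message and not PHP or Zend Engine code: a sketch of the pattern the thread discusses, where a signed length passes an upper-bound-only check and is then handed to a size_t parameter, next to the same copy placed behind one central "length is at least 0" check. The struct and function names (str_val, str_len_valid, copy_upper_bound_only, copy_checked) are hypothetical, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for an engine string value with a signed length. */
struct str_val {
    const char *val;
    int len;            /* signed, as discussed in the thread */
};

/* Central check: the one place that rejects negative lengths. */
static int str_len_valid(const struct str_val *s)
{
    return s->val != NULL && s->len >= 0;
}

/* Extension-style copy that only bounds the length from above. Returns the
 * size memcpy() would receive (0 if rejected); oversized copies are skipped. */
static size_t copy_upper_bound_only(char *dst, int dst_size, const struct str_val *s)
{
    if (s->len > dst_size)          /* signed compare: -1 passes */
        return 0;
    size_t n = (size_t)s->len;      /* value seen by memcpy's size_t parameter */
    if (n <= (size_t)dst_size)
        memcpy(dst, s->val, n);
    return n;
}

/* Same copy behind the central check. Returns -1 if rejected. */
static long copy_checked(char *dst, int dst_size, const struct str_val *s)
{
    if (!str_len_valid(s) || s->len > dst_size)
        return -1;
    memcpy(dst, s->val, (size_t)s->len);
    return s->len;
}

int main(void)
{
    char buf[16];
    struct str_val bad = { "abc", -1 };   /* constructed input */
    struct str_val ok  = { "abc", 3 };    /* constructed input */
    printf("upper-bound only, len=-1: memcpy size %zu\n",
           copy_upper_bound_only(buf, (int)sizeof buf, &bad));
    printf("central check, len=-1: %ld\n", copy_checked(buf, (int)sizeof buf, &bad));
    printf("central check, len=3:  %ld\n", copy_checked(buf, (int)sizeof buf, &ok));
    return 0;
}
```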