Re: [PHP-CVS] com php-src: Fixed Bug #62005 (unexpected behavior when incrementally assigning to a member of a null object): NEWS Zend/tests/bug62005.phpt Zend/zend_execute.c
Hi!

> Hi:
>    this bug is kind of a serious one, since it's behaving wrongly.
>    so maybe this one should be merged to 5.3 and 5.4 branch..

Could you explain why the change you did fixes the bug? Why does it matter where zend_error is called?

--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: Fixed Bug #62005 (unexpected behavior when incrementally assigning to a member of a null object): NEWS Zend/tests/bug62005.phpt Zend/zend_execute.c
On Sat, May 12, 2012 at 2:00 PM, Stas Malyshev smalys...@sugarcrm.com wrote:
> Hi!
>
>> Hi:
>>    this bug is kind of a serious one, since it's behaving wrongly.
>>    so maybe this one should be merged to 5.3 and 5.4 branch..
>
> Could you explain why the change you did fixes the bug? Why does it
> matter where zend_error is called?

Hi Stas:
   in the zend_error->php_error_cb, it will rebuild the active_symbol_table (if it is not built), which will change the execute_data->CVs[0].

   then ~

thanks

--
Laruence Xinchen Hui
http://www.laruence.com/
Re: [PHP-CVS] com php-src: Fixed Bug #62005 (unexpected behavior when incrementally assigning to a member of a null object): NEWS Zend/tests/bug62005.phpt Zend/zend_execute.c
Hi!

> in the zend_error->php_error_cb, it will rebuild the
> active_symbol_table (if it is not built), which will change the
> execute_data->CVs[0].
>
> then ~

Hmmm... changing CVs when there are active pointers to them may be a pretty bad idea. I think this fix does not fix the actual problem, only hides it - we may have other places which use CVs but can produce errors which change those CVs. Even in that code - what if some error message is produced somewhere on the way for some reason? I'm not sure how to fix it properly yet - maybe worth also asking Dmitry, maybe he has some insight.

--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
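The hazard discussed in this thread, as a simplified C model added here for illustration (not code from php-src or from either poster): a pointer taken from CVs[0] goes stale when the error callback relocates the variable. The `value` and `frame` types and all function names are hypothetical; only the idea that the error path changes what CVs[0] points to comes from the thread.

```c
#include <stdio.h>

/* Simplified model, not Zend code: CVs[0] points at the slot holding a variable. */
typedef struct { int is_object; int energy; } value;

typedef struct {
    value  inline_slot;  /* home of the variable before the symbol table exists */
    value  table_slot;   /* home of the variable once the table is built */
    value *CVs[1];       /* CVs[0] -> current home */
} frame;

static void frame_init(frame *f) {
    f->inline_slot = (value){0, 0};   /* starts as null: not an object */
    f->CVs[0] = &f->inline_slot;
}

/* Stand-in for the error callback: building the table relocates the variable. */
static void raise_error(frame *f) {
    if (f->CVs[0] != &f->table_slot) {
        f->table_slot = *f->CVs[0];
        f->CVs[0] = &f->table_slot;
    }
}

/* Error raised while a pointer taken from CVs[0] is live: the write is lost. */
int error_then_assign(int points) {
    frame f;
    frame_init(&f);
    value *p = f.CVs[0];      /* fetched before the error */
    raise_error(&f);          /* CVs[0] now points at table_slot */
    p->is_object = 1;         /* default object created in the old slot */
    p->energy += points;
    return f.CVs[0]->energy;  /* what the script observes */
}

/* Same steps with the error moved after the write: the value survives the move. */
int assign_then_error(int points) {
    frame f;
    frame_init(&f);
    value *p = f.CVs[0];
    p->is_object = 1;
    p->energy += points;
    raise_error(&f);
    return f.CVs[0]->energy;
}

int main(void) {
    printf("%d %d\n", error_then_assign(2), assign_then_error(2));
}
```

In this model the reordering only helps on the one path where it is applied; any other error raised between the fetch and the write reproduces the first function's result.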
[PHP-CVS] com php-src: update NEWS: NEWS
Commit:58482206f5e101ea8a1768375439021891c84bdf Author:Stanislav Malyshev s...@php.net Wed, 9 May 2012 13:37:49 -0700 Parents: 6a5095582a1e3b9a065863c9990e2f001d1cdc10 Branches: PHP-5.4 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=58482206f5e101ea8a1768375439021891c84bdf Log: update NEWS Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index a872112..a4486c8 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHPNEWS ||| -?? ??? 2012, PHP 5.4.2 +?? ??? 2012, PHP 5.4.4 - CLI Server: . Implemented FR #61977 (Need CLI web-server support for files with .htm @@ -51,6 +51,18 @@ PHP NEWS sent when no compression). (Mike) . Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike) +08 May 2012, PHP 5.4.3 + +- CGI + . Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. +(Stas) + . Fix bug #61807 - Buffer Overflow in apache_request_headers. +(nyt-php at countercultured dot net). + +03 May 2012, PHP 5.4.2 + +- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) + 26 Apr 2012, PHP 5.4.1 - CLI Server: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
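Review bot: in the second hunk, the added 5.4.3 entry ". Fix bug #61807 - Buffer Overflow in apache_request_headers." does not follow the wording of the neighbouring context line ". Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)"; suggest ". Fixed bug #61807 (Buffer Overflow in apache_request_headers)." so the entries read uniformly. The added 5.4.2 entry is also a bare top-level "- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)" item, while the 5.4.3 entry for the same CVE sits under a "- CGI" heading as a "." item; placing the 5.4.2 entry under "- CGI" as well would keep the two release sections consistent.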