Hi!
+ char dtrace_error_buffer[1024];
TSRMLS_FETCH();
/* Obtain relevant filename and lineno */
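Review bot: the 1024 in `char dtrace_error_buffer[1024];` is a bare magic number on a function-scope stack buffer, so the function reserves 1 KB of stack on every call whether or not the probe is enabled, and nothing ties that size to the code that later writes into the buffer. Suggest declaring the buffer inside the DTRACE_ERROR_ENABLED() block, or at least giving the size a named constant, and having the write site pass sizeof(dtrace_error_buffer) so the two cannot drift apart.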
@@ -1581,6 +1591,12 @@
va_start(args, format);
+ if(DTRACE_ERROR_ENABLED()) {
+ vsprintf(dtrace_error_buffer, format, args);
+ }
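Review bot: `vsprintf(dtrace_error_buffer, format, args);` writes the expanded message with no length limit, so any error whose formatted output is longer than 1023 characters overruns the stack buffer. Use a bounded call such as vsnprintf(dtrace_error_buffer, sizeof(dtrace_error_buffer), format, args) and accept truncation for the probe argument. Separately, this call consumes args right after va_start; if the code below the hunk formats with args again, the probe needs its own va_copy, or a va_end/va_start pair in between.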
This doesn't look good. I don't see a check anywhere that format doesn't
run over 1024 chars.
--
Stanislav Malyshev, Zend Software Architect
s...@zend.com http://www.zend.com/
(408)253-8829 MSN: s...@zend.com