From:             [EMAIL PROTECTED]
Operating system: All
PHP version:      4.0.6
PHP Bug Type:     Scripting Engine problem
Bug description:  php_ini.c:197 coding bug

Probably should be sizeof(char*) rather than sizeof(zval) here, as zend
extension paths are stored as strings rather than zvals, as below. As a
result the stack is blown on the resultant memcpy in the llist code.


zend_llist_init(&extension_lists.engine, sizeof(zval),
                (llist_dtor_func_t) free_estring, 1);
/*...*/
char *extension_name = estrndup(Z_STRVAL_P(arg2), Z_STRLEN_P(arg2));

zend_llist_add_element(&extension_lists.engine, &extension_name);


-- 
Edit bug report at: http://bugs.php.net/?id=13107&edit=1
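
Added example, not part of the original report and not PHP's own code: a simplified model of a list whose add routine copies the list's declared element size from the caller's pointer, with a size check that rejects the mismatch reported above. The names `fake_zval`, `llist_*` and `LLIST_ADD` are hypothetical, and the sample string is constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for zval: only its size matters here. */
typedef struct { void *ptr; long len; long refcount; int type; } fake_zval;
typedef struct node { struct node *next; unsigned char data[]; } node;
typedef struct { node *head, *tail; size_t size; } llist;

static void llist_init(llist *l, size_t elem_size) {
    l->head = l->tail = NULL;
    l->size = elem_size;
}

/* Copies l->size bytes from elem, as the report describes for the llist
 * code, but refuses when the caller's object has a different size: memcpy
 * would otherwise read past the end of the source object. */
static int llist_add_checked(llist *l, const void *elem, size_t src_size) {
    if (src_size != l->size) return -1;
    node *n = malloc(sizeof *n + l->size);
    if (!n) return -1;
    n->next = NULL;
    memcpy(n->data, elem, l->size);
    if (l->tail) l->tail->next = n; else l->head = n;
    l->tail = n;
    return 0;
}
/* sizeof *(p) ties the check to the object actually passed in. */
#define LLIST_ADD(l, p) llist_add_checked((l), (p), sizeof *(p))

static void llist_free(llist *l) {
    for (node *n = l->head, *nx; n; n = nx) { nx = n->next; free(n); }
    l->head = l->tail = NULL;
}

/* Returns 1 if a list of elem_size accepts a char* and stores it intact. */
static int accepts_string_ptr(size_t elem_size) {
    static char name[] = "constructed_extension.so"; /* constructed sample */
    char *extension_name = name, *stored = NULL;
    llist l;
    llist_init(&l, elem_size);
    int ok = LLIST_ADD(&l, &extension_name) == 0;
    if (ok) { memcpy(&stored, l.head->data, sizeof stored); ok = (stored == name); }
    llist_free(&l);
    return ok;
}

int main(void) { /* exit status 0: pointer-sized list accepts, zval-sized rejects */
    return !(accepts_string_ptr(sizeof(char *)) && !accepts_string_ptr(sizeof(fake_zval)));
}
```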

