 |
 |
 |
 |
|
|
Date: 09/27/01
- Next message: Edin Kadribasic: "Fw: [PHP-DEV] New function: array_change_key_case()"
- Previous message: Andi Gutmans: "Re: [PHP-DEV] ZEND_MODULE_API_NO in ZE2 [was Re: [PHP-CVS] cvs: php4 /ext/xmlrpc config.m4 /ext/xmlrpc/libxmlrpc acinclude.m4 xmlrpc.h xmlrpc.m4]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
hello,
i think i have a patch that should made it into your next release
candidate before the problem is forgoten:
the function sapi_module.read_cookies does return a pointer that is
allocated within the addresspace of the server (f.e. apache). this
is a violation of the idea behind modular programming.
the cookie_data should be properly estrduped to ensure, that
whatever a php extension does with the cookie_data it never
ever touches addresspace that was not allocated by php itself.
the patch i send you with this mail does exactly this:
1) estrdup cookie_data if != NULL
2) efree it on exit
martin
- application/octet-stream attachment: SAPI.diff
-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Edin Kadribasic: "Fw: [PHP-DEV] New function: array_change_key_case()"
- Previous message: Andi Gutmans: "Re: [PHP-DEV] ZEND_MODULE_API_NO in ZE2 [was Re: [PHP-CVS] cvs: php4 /ext/xmlrpc config.m4 /ext/xmlrpc/libxmlrpc acinclude.m4 xmlrpc.h xmlrpc.m4]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]