[php-maint] Bug#459020: Bug#459020: 043-recode_size_t.patch is invalid for recent php versions
Steve Langasek
vorlon at debian.org
Fri Feb 8 01:26:45 UTC 2008
On Wed, Feb 06, 2008 at 08:41:22PM +0100, Vincent Tondellier wrote:
> The patch 043-recode_size_t.patch is broken.
> req_len and str_len should be integers, but are size_t
> (zend_parse_parameters wants pointers to int). This is a problem for 64
> bits arches since a part of the variables is not initialized
> (sizof(size_t) != sizeof(int)), and recode_buffer_to_buffer is called
> with funny values that makes librecode eat all the system's memory.
So then, PHP isn't capable of passing values whose length exceeds UINT_MAX?
That's an annoyingly arbitrary limitation.
But yes, your analysis here looks correct to me.
> An updated version of the patch witch fixes the problem for me is
> attached to this mail and should be, IMO, applied as a security fix for
> etch.
I don't see any evidence that this is a security issue, but it should be
applied as a stable release update.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
More information about the pkg-php-maint
mailing list