[php-maint] Bug#554684: Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

Gunnar Wolf gwolf at gwolf.org
Fri Nov 6 01:41:41 UTC 2009

sean finney dijo [Fri, Nov 06, 2009 at 12:16:59AM +0100]:
> On Thu, Nov 05, 2009 at 04:34:03PM -0600, Gunnar Wolf wrote:
> > function db_escape_string($text) {
> >   return pg_escape_string($text);
> > }
> > 2009-11-04 06:25:29 CST [30578]WARNING:  nonstandard use of \\ in a string literal at character 25
> hm... maybe this is a result of pg_escape_string and magic_quotes_<foo>
> used together?

In such case, this should be reassigned to drupal6 as they are
applying the escapings in the wrong order, right?

Now, in such case... I wonder why I don't get this warning more
often. As I said in the report, the site in question had its comments
open for spammers (although they were piling for administrator's
authorization). I have closed the comments for now, but would surely
like to know what causes this.

FWIW, I do _not_ think this is caused by magic_quotes as a global
configuration setting, as it is explicitly turned off at the site in

Gunnar Wolf • gwolf at gwolf.org • (+52-55)5623-0154 / 1451-2244

More information about the pkg-php-maint mailing list