Newsgroups: php.internals
Message-ID: <4650BDAC.9000102@hardened-php.net>
Date: Sun, 20 May 2007 23:29:16 +0200
To: Cristian Rodriguez
Cc: internals@lists.php.net
References: <465022BE.1020905@hardened-php.net> <7d5a202f0705201415s71982fd2jb61b8bffbb7ba6de@mail.gmail.com>
In-Reply-To: <7d5a202f0705201415s71982fd2jb61b8bffbb7ba6de@mail.gmail.com>
Subject: Re: [PHP-DEV] Dismantling the lies...
From: sesser@hardened-php.net (Stefan Esser)

Cristian Rodriguez wrote:
>> Here is the patch I created in approximately half an hour. A solution to
>> a problem that is *NOT* fixable at the moment, according to Stanislav.
>
> at openSUSE, we also have a patch for this issue since a few weeks, as
> a vendor unfortunately we have to take care of things that people
> here don't want to fix...
>
> http://www.flyspray.org/patches/MOPB-01-abicompatible.patch.bz2

I only see one major problem with this patch. You just call zend_error()
when a possible integer overflow is detected. This is however not really
safe. Refcount increases etc. are usually done deep in the engine and it
is not ensured that in case of a bailout this cannot result in
destruction of structures that were only partially initialised.

Stefan Esser
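
The failure mode described in the reply above, as an added example that is not part of the original message or of either patch: a toy C model in which longjmp stands in for the bailout triggered by zend_error(). The 16-bit counter, the node list and all function names are assumptions made for illustration; variant B is one alternative shape, not something proposed in the thread.

```c
#include <setjmp.h>
#include <stdint.h>
#include <stdlib.h>
/* Constructed toy model, not PHP engine code. */
typedef struct { uint16_t refcount; } value;
typedef struct node { value *val; int ready; struct node *next; } node;
static jmp_buf bailout;   /* stands in for the engine's bailout target */
static node *live;        /* everything the shutdown pass will destroy */
/* Variant A: overflow detected deep inside the increment, fatal error raised. */
static void addref_bail(value *v) {
    if (v->refcount == UINT16_MAX) longjmp(bailout, 1);
    v->refcount++;
}
/* Caller that links the node into the live list before it is fully built. */
static void make_node_bail(value *v) {
    node *n = calloc(1, sizeof *n);
    if (!n) return;
    n->next = live; live = n;   /* already reachable by shutdown */
    addref_bail(v);             /* non-local exit happens here */
    n->val = v; n->ready = 1;   /* never reached on overflow */
}
/* Variant B: overflow reported by return value; node linked only when complete. */
static int make_node_checked(value *v) {
    if (v->refcount == UINT16_MAX) return -1;
    node *n = calloc(1, sizeof *n);
    if (!n) return -1;
    v->refcount++;
    n->val = v; n->ready = 1;
    n->next = live; live = n;
    return 0;
}

/* Shutdown pass: frees every node and returns how many were half-built. */
static int shutdown_count_partial(void) {
    int partial = 0;
    while (live) { node *n = live; live = n->next; partial += !n->ready; free(n); }
    return partial;
}

int run_bail(void) {            /* saturated counter, bailout path */
    value v = { UINT16_MAX };
    if (setjmp(bailout) == 0) make_node_bail(&v);
    return shutdown_count_partial();
}
int run_checked(void) {         /* same input, error-return path (-2: no error seen) */
    value v = { UINT16_MAX };
    return make_node_checked(&v) == -1 ? shutdown_count_partial() : -2;
}
int main(void) { return !(run_bail() == 1 && run_checked() == 0); }
```

In variant A the shutdown pass meets one node whose fields were never filled in; in variant B the overflow is refused before anything becomes reachable.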