Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:44540 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 94058 invoked from network); 30 Jun 2009 13:26:01 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 Jun 2009 13:26:01 -0000 Authentication-Results: pb1.pair.com smtp.mail=mls@pooteeweet.org; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=mls@pooteeweet.org; sender-id=unknown Received-SPF: error (pb1.pair.com: domain pooteeweet.org from 88.198.8.16 cause and error) X-PHP-List-Original-Sender: mls@pooteeweet.org X-Host-Fingerprint: 88.198.8.16 bigtime.backendmedia.com Linux 2.6 Received: from [88.198.8.16] ([88.198.8.16:58407] helo=bigtime.backendmedia.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id EF/18-52911-7621A4A4 for ; Tue, 30 Jun 2009 09:26:01 -0400 Received: from localhost (unknown [127.0.0.1]) by bigtime.backendmedia.com (Postfix) with ESMTP id 4CC7E414405E; Tue, 30 Jun 2009 13:26:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at backendmedia.com Received: from bigtime.backendmedia.com ([127.0.0.1]) by localhost (bigtime.backendmedia.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XqH2ujedaTFB; Tue, 30 Jun 2009 15:26:28 +0200 (CEST) Received: from [192.168.80.162] (unknown [195.226.16.50]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: mls@pooteeweet.org) by bigtime.backendmedia.com (Postfix) with ESMTP id 34DCA4144057; Tue, 30 Jun 2009 15:26:27 +0200 (CEST) To: Matt Wilmas In-Reply-To: <7435CCB5C8694BDCAAC90C165570A3E1@pc1> X-Priority: 3 References: <7435CCB5C8694BDCAAC90C165570A3E1@pc1> Message-ID: <48B6EF7D-E66E-49B8-B798-ABBBE92AB8F6@pooteeweet.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Tue, 30 Jun 2009 15:25:53 +0200 Cc: X-Mailer: Apple Mail (2.935.3) Subject: Re: [PHP-DEV] [PATCH] create_function/zend_eval_string aren't binary-safe From: mls@pooteeweet.org (Lukas Kahwe Smith) On 03.06.2009, at 20:45, Matt Wilmas wrote: > Hi all, > > I first noticed this with preg_replace()'s /e modifier (SO many > other issues with that...), but it also happens with > create_function() and a few other places where zend_eval_string() is > used. Other code evaluation in PHP is binary-safe, so it seems like > these areas should be as well? In case an example is needed: > > $func = create_function('', "return strlen('Test\0string');"); > echo $func(); > > Patches: > http://realplain.com/php/binary_eval_string.diff > http://realplain.com/php/binary_eval_string_5_3.diff > > Can they be applied? (Also a small optimization by eliminating > strlen() usage.) May want to verify the ext/interbase change. > > I noticed there are several zend_eval_string() references in PECL > sources [1], which would be a problem after adding a string length > parameter... How is that handled? Should the updated function be > eval_stringL instead and add macros for compatibility? > > [1] http://lxr.php.net/ident?i=zend_eval_string should this be applied now as it hasnt been applied yet, afaik? regards, Lukas Kahwe Smith mls@pooteeweet.org