Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:69874
Return-Path: <krakjoe@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 21778 invoked from network); 26 Oct 2013 05:43:31 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 26 Oct 2013 05:43:31 -0000
X-Host-Fingerprint: 80.4.21.210 cpc22-asfd3-2-0-cust209.1-2.cable.virginm.net  
Received: from [80.4.21.210] ([80.4.21.210:1478] helo=localhost.localdomain)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id DD/10-20070-1865B625 for <yohgaki@ohgaki.net>; Sat, 26 Oct 2013 01:43:29 -0400
To: internals@lists.php.net,Yasuo Ohgaki <yohgaki@ohgaki.net>
Message-ID: <526B567D.7090404@php.net>
Date: Sat, 26 Oct 2013 06:43:25 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7
MIME-Version: 1.0
References: <3E.D7.40084.12BBA625@pb1.pair.com> <CAGa2bXYANkW6yDN2_UqncHWpM4Zv+DxMTX0W8kT5-83JAveZjw@mail.gmail.com>
In-Reply-To: <CAGa2bXYANkW6yDN2_UqncHWpM4Zv+DxMTX0W8kT5-83JAveZjw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Posted-By: 80.4.21.210
Subject: Re: [PHP-DEV] error_log binary unsafe
From: krakjoe@php.net (Joe Watkins)

On 10/26/2013 12:25 AM, Yasuo Ohgaki wrote:
> Hi Joe,
>
> On Sat, Oct 26, 2013 at 3:40 AM, Joe Watkins <krakjoe@php.net> wrote:
>
>>
>>          https://bugs.php.net/bug.php?**id=64439<https://bugs.php.net/bug.php?id=64439>
>>
>>          What do we think of the following approach:
>>
>>          https://github.com/php/php-**src/pull/505<https://github.com/php/php-src/pull/505>
>
>
> Like  laruence said, error logs are written to various places.
> Handling only by SAPI will not solve issue, but introduces more
> confusion. (i.e. double escape/conversion)
>
> I also updated manual page that logs are written to various places.
>
> Regards,
>
> --
> Yasuo Ohgaki
> yohgaki@ohgaki.net
>

4713        case 1:     /*send an email */
4714            if (!php_mail(opt, "PHP error_log message", message, 
headers, NULL TSRMLS_CC)) {
4715                return FAILURE;
4716            }
4717            break;
4718
4719        case 2:     /*send to an address */
4720            php_error_docref(NULL TSRMLS_CC, E_WARNING, "TCP/IP 
option not available!");
4721            return FAILURE;
4722            break;
4723
4724        case 3:     /*save to a file */
4725            stream = php_stream_open_wrapper(opt, "a", 
IGNORE_URL_WIN | REPORT_ERRORS, NULL);
4726            if (!stream) {
4727                return FAILURE;
4728            }
4729            php_stream_write(stream, message, message_len);
4730            php_stream_close(stream);
4731            break;
4732
4733        case 4: /* send to SAPI */
4734            if (sapi_module.log_message) {
4735                sapi_module.log_message(message TSRMLS_CC);
4736            } else {
4737                return FAILURE;
4738            }
4739            break;
4740
4741        default:
4742            php_log_err(message TSRMLS_CC);
4743            break;


Mail is not yet handled, TCP/IP is not supported any more, streams are 
binary safe.
The SAPI and default error logging mechanism are all that require attention.

The patch is not final and doesn't include a fix for every 
implementation of SAPI.

I don't see the need for confusion ??

I don't see the need to ignore the problem either.

Cheers
Joe