RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator

From: sir.mordredat_private
Date: Thu Mar 27 2003 - 17:25:27 PST


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    Hi
    
    Stefan nicely asked me to provide real examples in the PHP source code
    in which something like emalloc(userinput) was used.
    The advisory had 2 examples: the first used emalloc(userinput + 1),
    the second emalloc(userinput + 2). Guess that was enough for understanding
    and fixing the issue. Really sorry if someone did not get the point,
    we don't provide tech support on the subject of our advisories... someday
    maybe... As for the note that this is an experimental extension and not
    enabled by default - looks like there are some problems with installing
    the sockets extension; just add the --with-sockets option to the configure script.
    
    Another example of an insecure emalloc() call - the mhash_keygen_s2k() function
    in the mhash extension, which uses emalloc(userinput + 1).
    
    Best regards.
    // Sir Mordred
    
    
    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.2 (Java)
    Note: This signature can be verified at https://www.hushtools.com/verify
    
    wmAEARECACAFAj6Do8gZHHNpci5tb3JkcmVkQGh1c2htYWlsLmNvbQAKCRAOkXvN4BZr
    fDiiAKC2Dcu2cnqYrHD76wT8Qw9trtlBXwCgpuij68JVA18Lcv3g5vXpPDVDmQM=
    =qSXr
    -----END PGP SIGNATURE-----
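
The `emalloc(userinput + 1)` and `emalloc(userinput + 2)` patterns named in the message, shown beside a checked form, as an added example that is not code from the advisory or from PHP. The helper names, the use of `size_t` for the length and plain `malloc` standing in for `emalloc` are assumptions; the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for the size expression in emalloc(userinput + extra).
 * Returns the byte count the allocator would actually be asked for. */
static size_t unchecked_request(size_t userinput, size_t extra)
{
    return userinput + extra;   /* unsigned arithmetic wraps silently */
}

/* Checked form: stores the sum in *out and returns 1,
 * or returns 0 when userinput + extra would wrap around. */
static int checked_request(size_t userinput, size_t extra, size_t *out)
{
    if (userinput > SIZE_MAX - extra)
        return 0;
    *out = userinput + extra;
    return 1;
}

/* Allocator wrapper (hypothetical name): fails with NULL on overflow
 * instead of handing back a buffer far smaller than the caller expects. */
static void *alloc_with_extra(size_t userinput, size_t extra)
{
    size_t total;
    if (!checked_request(userinput, extra, &total))
        return NULL;
    return malloc(total);
}

int main(void)
{
    /* Constructed lengths, standing in for a caller-supplied value. */
    size_t samples[] = { 16, SIZE_MAX - 1, SIZE_MAX };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t total = 0;
        int ok = checked_request(samples[i], 2, &total);
        printf("len=%zu  unchecked(+2)=%zu  checked=%s\n", samples[i],
               unchecked_request(samples[i], 2), ok ? "ok" : "rejected");
    }
    return 0;
}
```

With the unchecked expression, a length at or near the maximum yields a request of 0 or 1 bytes while later code still treats the buffer as `userinput` bytes long; the checked wrapper turns that case into an allocation failure the caller has to handle.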
    
    
    
    
    



    This archive was generated by hypermail 2b30 : Fri Mar 28 2003 - 10:18:41 PST