PHPDeveloper.org: PHP Security Blog: Chunk_split() Overflow not fixed at all...

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

Job Posting: RJ Byrd (Recruiter) Seeks PHP Application Developer (Dallas, TX)

News Archive

Site News: Blast from the Past - One Year Ago in PHP

Zend Developer Zone: Dynamically Generating PDF Files with PHP and Haru

Jani Hartikainen's Blog: Base classes in OOP programming languages

Community News: PHP Quebec 2009 Schedule Announced

Community News: Latest Releases from PHPClasses.org

Brandon Savage's Blog: Hosting Made for PHP Developers

David Otton's Blog: php://memory, Unit Tests

Sameer's Blog: Creating a Figlet text in php

Eran Galperin's Blog: OO PHP Templating

Johannes Schluter's Blog: SQL completion in PHP strings

PHP Security Blog:
Chunk_split() Overflow not fixed at all...

by Chris Cornutt June 05, 2007 @ 07:41:00

In this new post to the PHP Security blog, Stefan Esser points out that an issue that was previously marked as corrected - a problem with the chunk_split function - hasn't completely been corrected.

This [bugfix] fixes the chunk_split() overflow (found by SEC-CONSULT) that was according to the PHP 5.2.3 release notes already fixed. The original fix was however not only broken but complete nonsense. If you can read C you will see that the integer overflow was not fixed in PHP 5.2.3 but simply moved into a separate line and an additional bogus if clause was added.

Stefan includes a simple four line code example to illustrate his point.

0 comments voice your opinion now!
chunksplit overflow bug chunksplit overflow bug

Similar Posts

Stefan Esser's Blog: Suhosin Extension 0.9.17 released

Wez Furlong\'s Blog: Calling SQLBindParameter and avoiding a datetime overflow.

PHP.net: PHP 5.2.6 Released

Travis Swicegood's Blog: Pushing the boundries of PHP

Ed Finkler's Blog: Bug in Zend Studio 5.5’s php.ini

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework