php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #61816 Segmentation fault
Submitted: 2012-04-22 15:05 UTC Modified: 2012-05-08 08:36 UTC
From: pcf98 at vip dot qq dot com Assigned: laruence (profile)
Status: Closed Package: taint (PECL)
PHP Version: 5.3.10 OS: SUSE Linux Enterprise Server 10
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: pcf98 at vip dot qq dot com
New email:
PHP Version: OS:

 

 [2012-04-22 15:05 UTC] pcf98 at vip dot qq dot com 
Description:
------------
<?php
$a = "tainted string" . ".\n";
taint($a);
$b = array("");
$b[0] .= $a;
var_dump(is_tainted($b[0]));
$c = new stdClass();
$c->foo = "this is";
$c->foo .= $b[0];
echo $b[0];  // Segmentation fault
var_dump(is_tainted($c->foo));
?>

Expected result:
----------------
bool(true)

Warning: main(): Attempt to echo a string that might be tainted in %s010.php on line %d
tainted string.
bool(true)

Actual result:
--------------
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-04-23 02:06 UTC] laruence@php.net
-Assigned To: +Assigned To: laruence
 [2012-05-08 08:29 UTC] laruence@php.net 
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=325586
Log: Fixed Bug #61816 (Segmentation fault)
 [2012-05-08 08:36 UTC] laruence@php.net 
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php
 [2012-05-08 08:36 UTC] laruence@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Dec 26 20:01:29 2024 UTC