|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #4606 Transparent SID causes occasional corruption near <f* tags
Submitted: 2000-05-26 12:03 UTC Modified: 2000-08-01 09:38 UTC
From: brian at kusala dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.0 Release Candidate 2 OS: Redhat Linux 6.1
Private report: No CVE-ID: None
 [2000-05-26 12:03 UTC] brian at kusala dot com
With Transparent SID on and cookies disabled the system occassionally inserts blocks of gibberish (looks like a buffer overflow?) into the output imediately after <f* tags (in url_scanner.c)

i.e. <font => <f ZZ?̏*?ont
and  <form action=  =>  <formZZ?̏*? action=

The corruption is erratic, email me for a document that causes this problem...


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2000-07-26 00:52 UTC]
Very similar to existing bug - likely has same root cause.
See bug #3411
 [2000-07-26 07:09 UTC]
no, this one is different

#3411 and friends put the session id into the wrong place
but they do not produce rubbish or affect <font> tags ...
 [2000-07-28 17:57 UTC]
does this still happen with current versions ?
i would really like to know this as i am 
reworking url_scanner() this weekend ...
 [2000-07-28 21:01 UTC] brian at kusala dot com
Appears to have stopped in 2.0.1pl2 (or at least I havn't seen it since I put the new version on the system)  It was always intermitent however so I can't say for certain that it is fixed or not...
 [2000-08-01 09:38 UTC]
as transparent SID code was rewritten this should no longer happen
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Jul 12 20:01:30 2024 UTC