php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61816 Segmentation fault
Submitted: 2012-04-22 15:05 UTC Modified: 2012-05-08 08:36 UTC
From: pcf98 at vip dot qq dot com Assigned: laruence (profile)
Status: Closed Package: taint (PECL)
PHP Version: 5.3.10 OS: SUSE Linux Enterprise Server 10
Private report: No CVE-ID: None
 [2012-04-22 15:05 UTC] pcf98 at vip dot qq dot com
Description:
------------
<?php
$a = "tainted string" . ".\n";
taint($a);
$b = array("");
$b[0] .= $a;
var_dump(is_tainted($b[0]));
$c = new stdClass();
$c->foo = "this is";
$c->foo .= $b[0];
echo $b[0];  // Segmentation fault
var_dump(is_tainted($c->foo));
?>

Expected result:
----------------
bool(true)

Warning: main(): Attempt to echo a string that might be tainted in %s010.php on line %d
tainted string.
bool(true)

Actual result:
--------------
Segmentation fault


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-04-23 02:06 UTC] laruence@php.net
-Assigned To: +Assigned To: laruence
 [2012-05-08 08:29 UTC] laruence@php.net
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=325586
Log: Fixed Bug #61816 (Segmentation fault)
 [2012-05-08 08:36 UTC] laruence@php.net
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php


 [2012-05-08 08:36 UTC] laruence@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Thu Jun 27 07:01:41 2019 UTC