Date: Thu, 27 Mar 2003 17:25:27 -0800
From: <sir.mordred@...hmail.com>
To: bugtraq@...urityfocus.com
Subject: RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator




Hi

Stefan nicely asked me to provide real examples in the PHP source code
in which something like emalloc(userinput) was used.
The advisory contained two examples: the first used emalloc(userinput + 1),
the second emalloc(userinput + 2). I guess that was enough for understanding
and fixing the issue. Really sorry if someone did not get the point;
we don't provide tech support on the subject of our advisories... someday
maybe... As for the note that this is an experimental extension and not
enabled by default: it looks like there are some problems with installing the
sockets extension; just add the --with-sockets option to the configure script.

Another example of an insecure emalloc() call is the mhash_keygen_s2k() function
in the mhash extension, which uses emalloc(userinput + 1).

Best regards.
// Sir Mordred


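The arithmetic the message refers to, emalloc(userinput + 1) with a caller-controlled length, is shown below as an added example, not code from the advisory or from PHP. It models the length as size_t (PHP used int lengths, where the wrap is signed overflow, but the effect that the sum comes out tiny is the same) and pairs the unchecked size computation with the overflow check that a fix would apply before calling the allocator; emalloc_stub is an assumed stand-in for PHP's emalloc().

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Assumed stand-in for PHP's emalloc(): a plain malloc wrapper. */
static void *emalloc_stub(size_t n) { return malloc(n); }

/* The pattern the advisory criticises: the allocation size is derived from a
 * caller-supplied length with unchecked arithmetic. For len == SIZE_MAX the
 * sum wraps to 0, so the allocator returns a buffer far smaller than len and
 * any subsequent copy of len bytes overruns it. */
size_t unchecked_size(size_t len, size_t extra) {
    return len + extra;               /* wraps silently on overflow */
}

/* Hardened check: 1 if len + extra would exceed SIZE_MAX, else 0. */
int size_would_wrap(size_t len, size_t extra) {
    return len > SIZE_MAX - extra;
}

/* Allocation helper that refuses a wrapping size: NULL on overflow or OOM. */
void *alloc_len_plus(size_t len, size_t extra) {
    if (size_would_wrap(len, extra)) {
        return NULL;                  /* reject instead of allocating 0 bytes */
    }
    return emalloc_stub(len + extra);
}

/* Convenience for tests: 1 if the guarded allocation succeeded, else 0. */
int try_alloc_len_plus(size_t len, size_t extra) {
    void *p = alloc_len_plus(len, extra);
    if (p == NULL) {
        return 0;
    }
    free(p);
    return 1;
}

int main(void) {
    printf("unchecked SIZE_MAX + 1 = %zu\n", unchecked_size(SIZE_MAX, 1));
    printf("guarded alloc of SIZE_MAX + 1: %s\n",
           try_alloc_len_plus(SIZE_MAX, 1) ? "allocated" : "rejected");
    printf("guarded alloc of 16 + 1: %s\n",
           try_alloc_len_plus(16, 1) ? "allocated" : "rejected");
    return 0;
}
```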





