
Bugtraq mailing list archives

Re: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator
From: Dullien () gmx de
Date: Fri, 28 Mar 2003 00:57:41 +0100 (MET)

Hey Mr. Mordred, all,

In PHP, the emalloc() function implements the error-safe wrapper around
malloc().
Unfortunately, this function suffers from an integer overflow and,
considering the fact that emalloc() is used in many places around the PHP
source code, it may lead to many serious security issues.

IIRC this bug was mentioned in a talk at last summer's Black Hat conference.

http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html#Dowd

Cheers,
dullien () gmx de

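The bug class named in the message above, as an added example that is not part of the original post and is not PHP's code: a malloc() wrapper that adds its own bookkeeping to the requested size, first without and then with a wrap check. The header layout, the alignment constant and all function names are hypothetical, and the post does not say where in emalloc() the overflow occurs.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-block header; an assumption, not PHP's real layout. */
typedef struct { size_t size; } hdr_t;
#define ALIGN ((size_t)8)

/* Unchecked: header + request, rounded up to ALIGN. For requests close
 * to SIZE_MAX the addition wraps and yields a tiny allocation size. */
size_t padded_size_unchecked(size_t n) {
    return (sizeof(hdr_t) + n + (ALIGN - 1)) & ~(ALIGN - 1);
}

/* Checked: refuse any request whose padded size cannot be represented.
 * Returns 0 and stores the size in *out, or -1 if the sum would wrap. */
int padded_size_checked(size_t n, size_t *out) {
    const size_t overhead = sizeof(hdr_t) + (ALIGN - 1);
    if (n > SIZE_MAX - overhead)
        return -1;
    *out = (sizeof(hdr_t) + n + (ALIGN - 1)) & ~(ALIGN - 1);
    return 0;
}

/* Hardened wrapper: fails cleanly instead of returning an undersized block. */
void *checked_alloc(size_t n) {
    size_t total;
    if (padded_size_checked(n, &total) != 0)
        return NULL;
    hdr_t *h = malloc(total);
    if (h == NULL)
        return NULL;
    h->size = n;          /* record the caller's requested size */
    return h + 1;         /* user data starts after the header */
}

void checked_free(void *p) {
    if (p != NULL)
        free((hdr_t *)p - 1);
}

int main(void) {
    size_t huge = SIZE_MAX - 2, total = 0;   /* constructed sample request */
    printf("unchecked padded size: %zu\n", padded_size_unchecked(huge));
    printf("checked result: %d\n", padded_size_checked(huge, &total));
    return 0;
}
```

A caller that trusts the unchecked size believes it owns the full requested length while the underlying block is only a few bytes, which is why the check has to run before the addition rather than on its result.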

