Home page logo

oss-sec logo oss-sec mailing list archives

Re: Re: php ZipArchive::addGlob() crashes on invalid flags
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 1 Jul 2011 22:36:21 +0200

On Fri, 01 Jul 2011 18:34:51 +0200 Maksymilian Arciemowicz wrote:

Using glob(3) with invalid flag may give unexpected results. Try
glob(3) of netbsd implementations and use flags 0x39 0x40..

I don't have an easy way to test on netbsd, but looking at glob.h in
netbsd cvs, 0x40 is GLOB_ALTDIRFUNC, and 0x39 contains GLOB_APPEND,
which were problematic on glibc as well.  Both due to uninitialized
glob_t members.

Tomas Hoger / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]