| #
95889979 |
| 04-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14553: Bug in phpdbg8.3 (also 8.1 and 8.2) echo output - trimmed at NULL byte (?)
This broke in 6318040df2b6c6f4824b99fd27369179d29ee93b when phpdbg
stopped using its custom print
Fix GH-14553: Bug in phpdbg8.3 (also 8.1 and 8.2) echo output - trimmed at NULL byte (?)
This broke in 6318040df2b6c6f4824b99fd27369179d29ee93b when phpdbg
stopped using its custom printing routines. By relying on standard
printing routines, the embedded NUL bytes are causing the strings to be
cut off, even when using %.*s. Solve this by going straight to the
output routine, which is what the printf routine would've done anyway.
Closes GH-14822.
show more ...
|
| #
0f21cbc5 |
| 27-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10715: phpdbg heap buffer overflow -- by misuse of the option "--run"
Fixes GH-10715
When a string starting with a NUL character is passed to
phpdbg_vprint(), the vasprin
Fix GH-10715: phpdbg heap buffer overflow -- by misuse of the option "--run"
Fixes GH-10715
When a string starting with a NUL character is passed to
phpdbg_vprint(), the vasprintf() will return that 0 characters have been
printed. This causes msglen == 0. When phpdbg_process_print() is called
with a message of length 0, the -1 to check for '\n' will perform an out
of bounds read. Since nothing is printed anyway for msglen == 0, it
seems best to just skip the printing routine for this case.
Closes GH-10720.
show more ...
|
