> A preliminary implementation of PHP taint support is available from > ftp://ftp.porcupine.org/pub/php/ This code is released under version > 2.00 of the Zend license. > > Below are fragments from the README file. For the full text please see > ftp://ftp.porcupine.org/pub/php/php-5.2.3-taint-20071102.README.html > This file also has information about using taint in real applications, > about run-time performance, and about changes within the PHP core. > > Most of all, your feedback is welcome, so that I can make this code > as easy to use and as performant as possible.
php-5.2.3-taint-20071102 gcc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21) compiling apache 2.2.4 dso module configure with --enable-mbstring --disable-mbregex ---- ext/mbstring/mb_gpc.c: In function 'mbstr_treat_data': ext/mbstring/mb_gpc.c:63: warning: passing argument 3 of 'php_default_treat_data' makes integer from pointer without a cast ext/mbstring/mb_gpc.c:63: error: too few arguments to function 'php_default_treat_data' ext/mbstring/mb_gpc.c: In function '_php_mb_encoding_handler_ex': ext/mbstring/mb_gpc.c:331: warning: passing argument 5 of 'sapi_module.input_filter' makes integer from pointer without a cast ext/mbstring/mb_gpc.c:331: error: too few arguments to function 'sapi_module.input_filter' make: *** [ext/mbstring/mb_gpc.lo] Error 1 ---- Without mbstring options same compilation stops at ---- sapi/apache2handler/sapi_apache2.c: In function 'php_apache_sapi_register_variables': sapi/apache2handler/sapi_apache2.c:246: warning: passing argument 5 of 'sapi_module.input_filter' makes integer from pointer without a cast sapi/apache2handler/sapi_apache2.c:246: error: too few arguments to function 'sapi_module.input_filter' sapi/apache2handler/sapi_apache2.c:251: warning: passing argument 5 of 'sapi_module.input_filter' makes integer from pointer without a cast sapi/apache2handler/sapi_apache2.c:251: error: too few arguments to function 'sapi_module.input_filter' make: *** [sapi/apache2handler/sapi_apache2.lo] Error 1 ---- Compiles fine without --enable-taint. Do you need more information about other configure options or compilation environment? -- Tomas -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
