On Thu, 2010-11-25 at 10:25 -0800, Rasmus Lerdorf wrote: > We also need that non-null zend_parse_parameters type implemented to > clean up the null-byte poisoning fixes in 5.3.
Recently there was an off-list discussion about adding support for accepting non-empty strings only via zend_parse_parameters (zpp). There I raised the concern that we shouldn't add too many special validations for two main reasons: a) The more options zpp has the harder it is to use/read/maintain b) Errors from zpp usually are typically caused by program errors which in other languages for instance might be detected by a compiler not for being bad values as such errors might require different handling by the user. The null-byte thing is not only good for file operations but also for ereg and other places. But we should be sure about the error semantics caused. johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
