ID: 47701 Updated by: fel...@php.net Reported By: paul at paulmcgarry dot com -Status: Open +Status: Bogus Bug Type: Unknown/Other Function Operating System: Linux PHP Version: 5.2.9 New Comment:
Please, see bug #47020. Thanks. Previous Comments: ------------------------------------------------------------------------ [2009-03-18 12:08:43] scott...@php.net Martin, where exactly is this fix? I looked through the NEWS file and saw no entries. ------------------------------------------------------------------------ [2009-03-18 11:06:36] mmcnicklebugs at googlemail dot com This has been fixed in CVS. -- Martin McNickle ------------------------------------------------------------------------ [2009-03-18 02:37:31] paul at paulmcgarry dot com Description: ------------ This relates to Bug #47020 which I believe has incorrectly set to bogus. I have been using print_r() while processing $errcontext in an error handling function, ie one registered with set_error_handler() It seems that when print_r() hits the memory limit it exposes my entire error context to the user. print_r having a failure mode where it exposes potentially private data to the user is a security issue. If it can't be fixed easily then it should be documented. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=47701&edit=1
