Edit report at https://bugs.php.net/bug.php?id=60965&edit=1

 ID:                 60965
 Updated by:         cataphr...@php.net
 Reported by:        cataphr...@php.net
 Summary:            Buffer overflow on htmlspecialchars/entities with
                     $double=false
-Status:             Open
+Status:             Critical
 Type:               Bug
 Package:            Reproducible crash
 Operating System:   Any
 PHP Version:        5.4SVN-2012-02-03 (SVN)
-Assigned To:        
+Assigned To:        cataphract
 Block user comment: N
 Private report:     N



Previous Comments:
------------------------------------------------------------------------
[2012-02-03 10:48:29] cataphr...@php.net

Description:
------------
Long entities can cause a buffer overflow because the loop only guarantees 40 
bytes available at the beginning.

Test script:
---------------
<?php
echo 
htmlspecialchars('"""""""""""""""""""""""""""""""""""""""""""""&#x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005;',
ENT_QUOTES, 'UTF-8', false), "\n";



------------------------------------------------------------------------
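
Added example, not part of the original report and not PHP's source: a simplified C model of the pattern the description names, where an escaping loop reserves 40 bytes at the top of each iteration and then copies an existing entity whose length comes from the input. The names escape_no_double, ensure and HEADROOM, the buffer sizing, and the rule that any "&...;" run counts as an entity are assumptions made for the illustration; the per-write check is what keeps the copy in bounds.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HEADROOM 40 /* free bytes guaranteed at the top of each iteration */

/* Make room for `need` bytes plus the NUL after `len`; NULL on failure. */
static char *ensure(char *buf, size_t *cap, size_t len, size_t need) {
    if (*cap - len > need) return buf;      /* need + NUL already fit */
    *cap = len + need + HEADROOM + 1;
    char *p = realloc(buf, *cap);
    if (!p) free(buf);
    return p;
}

/* Escapes '"' to "&quot;" and copies an existing "&...;" run through
 * unchanged, as $double=false does. *late_grows counts the writes that the
 * top-of-loop HEADROOM guarantee alone did not cover. Caller frees result. */
char *escape_no_double(const char *in, size_t *late_grows) {
    size_t cap = strlen(in) + HEADROOM + 1, len = 0;
    char *out = malloc(cap);
    *late_grows = 0;
    while (out && *in) {
        const char *src = in, *semi = NULL;
        size_t n = 1;
        /* the only check the report describes: 40 bytes, once per pass */
        if (!(out = ensure(out, &cap, len, HEADROOM))) break;
        if (*in == '"') { src = "&quot;"; n = 6; in += 1; }
        else if (*in == '&' && (semi = strchr(in, ';')) != NULL) {
            n = (size_t)(semi - in) + 1;    /* length controlled by the input */
            in += n;
        } else in += 1;
        if (cap - len <= n) {               /* HEADROOM was not enough */
            ++*late_grows;
            if (!(out = ensure(out, &cap, len, n))) break;
        }
        memcpy(out + len, src, n);
        len += n;
    }
    if (out) out[len] = '\0';
    return out;
}

int main(void) {
    char in[300]; size_t late; /* constructed: 45 quotes + one 205-byte entity */
    memset(in, '"', 45); memcpy(in + 45, "&#x", 3);
    memset(in + 48, '0', 200); memcpy(in + 248, "5;", 3);
    char *r = escape_no_double(in, &late);
    if (r) printf("%zu bytes out, %zu write(s) exceeded the headroom\n", strlen(r), late);
    free(r);
    return 0;
}
```

Without the second check inside the loop, the memcpy for the long entity would write past the end of the allocation, which is the condition the report describes.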


