Hi, Sorry, half of the patch was bogus... For some reason I thought -1 / 10 stays -1. Obviously that is wrong.
However: important is the i=0; Without that line i is some value between 0 and 248, depending on c. Off course initialised with such a value it is possible to overwrite stack values that are far outside the 10 byte buffer with values between '0' and '9'. Stefan Esser -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
