Well you want me to merge the foreach() fix then? I don't because I prefer
it being tested for a while so that we don't have a pl1.
I don't think we fix all crash bugs every release. Mainly buffer overflows
are dangerous. Not double free()'s or de-referencing NULL pointers. But of
course, a lot of crashes are potentially dangerous but we would never have
any releases if we'd make sure that there's no chance PHP can crash, ever.
Andi
At 04:12 PM 4/24/2001 +0300, you wrote:
>Not necessarily; Crash bugs can very often lead to security issues. Of
>course, it's a clearer cut if it's in a situation which is very likely to
>happen.
>
>Zeev
>
>
>At 17:09 24/4/2001, Andi Gutmans wrote:
>>At 03:59 PM 4/24/2001 +0300, Zeev Suraski wrote:
>>>A reproducible crash bug in a mainstream module is a show stopper IMHO...
>>
>>I think you mean in a mainstream module and in a situation which has a
>>high chance of happening.
>>Crash bugs which are 1 in a million don't necessarily need to be show
>>stoppers.
>>
>>Andi
>
>--
>Zeev Suraski <[EMAIL PROTECTED]>
>CTO & co-founder, Zend Technologies Ltd. http://www.zend.com/
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]