hello,
i think i have a patch that should made it into your next release
candidate before the problem is forgoten:
the function sapi_module.read_cookies does return a pointer that is
allocated within the addresspace of the server (f.e. apache). this
is a violation of the idea behind modular programming.
the cookie_data should be properly estrduped to ensure, that
whatever a php extension does with the cookie_data it never
ever touches addresspace that was not allocated by php itself.
the patch i send you with this mail does exactly this:
1) estrdup cookie_data if != NULL
2) efree it on exit
martin
SAPI.diff
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
