At 07:39 AM 6/16/2004 -0400, Ilia Alshanetsky wrote:
Andi,
Well, majority of the places where it is used right now can be abused through
user input.
PHP 4/5: overly long constant names defined(str_repeat("a", 1024 * 1024 * 6));
PHP5: overly long class & method names
PHP5: overly long function name
At 08:45 AM 6/16/2004 -0700, Sterling Hughes wrote:
I'll buy that alloca() is harmless in the places the executor uses it
(*), php segvs on highly recursive functions, worrying about overly
long function names won't keep anyone up at night. But the real issue
is the other areas ilia mentions, wher
So, oddly enough while responding to this, gmail is showing me Zend
advertisements - just thought you should know you are getting your
money's worth :)
I'll buy that alloca() is harmless in the places the executor uses it
(*), php segvs on highly recursive functions, worrying about overly
long fun
On June 16, 2004 12:15 pm, Ard Biesheuvel wrote:
> Ilia Alshanetsky wrote:
> > PHP5/Interbase: too many arguments passed to some functions.
>
> The function in question alloca()tes a 4 pointers times the number of
> args which is kept in an unsigned short. This means the allocated memory
> can at m
Ard Biesheuvel wrote:
Ilia Alshanetsky wrote:
PHP5/Interbase: too many arguments passed to some functions.
The function in question alloca()tes a 4 pointers times the number of
args which is kept in an unsigned short. This means the allocated memory
can at most be 1M.
While this seems a lot to
Ilia Alshanetsky wrote:
PHP5/Interbase: too many arguments passed to some functions.
The function in question alloca()tes a 4 pointers times the number of
args which is kept in an unsigned short. This means the allocated memory
can at most be 1M.
While this seems a lot to allocate on the stack,
Andi,
Well, majority of the places where it is used right now can be abused through
user input.
PHP 4/5: overly long constant names defined(str_repeat("a", 1024 * 1024 * 6));
PHP5: overly long class & method names
PHP5: overly long function name
PHP5/Interbase: too many arguments passed to some
Ilia,
alloca() is very important for the executor loop and functions which where
performance is very important (mainly the Zend Engine).
I don't see any convincing reason not to use it in the way it is being used
today. If there are any specific places you find problematic and want to
discuss le
On Mon, 14 Jun 2004 12:10:46 -0400, Ilia Alshanetsky <[EMAIL PROTECTED]> wrote:
>
> Virtually all current uses involve some form of user input, which means that
> the user can exploit the problem. When bar[2048] is used to create a buffer
> of a certain known size that never change, with alloca a
Virtually all current uses involve some form of user input, which means that
the user can exploit the problem. When bar[2048] is used to create a buffer
of a certain known size that never change, with alloca a buffer of undermined
size is created in most cases.
The only 'safe' way to use the fu
Ilia Alshanetsky wrote:
There is a rather nasty crash possible in PHP due to the usage of the alloca()
function as can be demonstrated by bug #28064.
Simpler bug replication case:
php -r ' $a = str_repeat("a", 1024 * 1024 * 6); defined($a); '
The following two fragments will lead to virtually ide
11 matches
Mail list logo
