[Bug 21526] Bug in Djvu text layer extraction

bugzilla-daemon Tue, 07 Dec 2010 22:07:16 -0800

https://bugzilla.wikimedia.org/show_bug.cgi?id=21526


Tim Starling <tstarl...@wikimedia.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tstarl...@wikimedia.org

--- Comment #14 from Tim Starling <tstarl...@wikimedia.org> 2010-12-08 06:06:54 
UTC ---
Deployed now. 

Note that the effect of create_function() is to create a global function with a
random name and to return the name. Calling it in a loop will eventually use up
all memory, because there is no way to delete global functions once they are
created. For this reason alone, it shouldn't be used. But it is also slow,
requiring a parse operation that is uncached by APC, and it's insecure in the
sense that eval() is insecure: construction of PHP code can easily lead to
arbitrary execution if user input is included in the code.

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 21526] Bug in Djvu text layer extraction

Reply via email to