oss-sec mailing list archives
Re: Re: NULL byte poisoning fix in php 5.3.4+
From: Pierre Joye <pierre.php () gmail com>
Date: Thu, 9 Dec 2010 15:38:00 +0100
On Thu, Dec 9, 2010 at 3:34 PM, Steven M. Christey <coley () linus mitre org> wrote:
> On Thu, 9 Dec 2010, Pierre Joye wrote:
>
>> We are about to release 5.2.15 and 5.3.4, can anyone please get an id for this issue?
>
> I just assigned CVE-2006-7243 to the http://bugs.php.net/39863 issue, i.e. NULL injection in file_exists() *only*.
>
> However, as already stated, the issue of NULL byte injection with PHP dates back to 1999 or so (ouch... I remember that). If PHP is addressing NULL byte injection beyond just file_exists(), then that may need a separate CVE.

We fixed it for all file functions. See the link to the commit for more details about which code has been changed.

Do we need a CVE for every function? I hope not :)

Cheers,
--
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org