RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator

[<sir.mordred () hushmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi

Stefan nicely asked me to provide real examples in the PHP source code
in which was used something like - emalloc(userinput).
In the advisory has been 2 examples, first used emalloc(userinput +1),

second - emalloc(userinput + 2). Guess that was enough for understanding
and fixing the issue. Really sorry if someone did not get the point,
we don't provide tech support on the subject of our advisories...someday
maybe...As for the note that this is a experimental extension and not
enabled by default - looks like there are some problems with installing
sockets extension, just add --with-sockets option to configure script.

Another example of insecure emalloc() call - mhash_keygen_s2k() function
in the mhash extension which uses emalloc(userinput + 1).

Best regards.
// Sir Mordred


-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wmAEARECACAFAj6Do8gZHHNpci5tb3JkcmVkQGh1c2htYWlsLmNvbQAKCRAOkXvN4BZr
fDiiAKC2Dcu2cnqYrHD76wT8Qw9trtlBXwCgpuij68JVA18Lcv3g5vXpPDVDmQM=
=qSXr
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427