Package: php4-sqlite Version: 1.0.2-9 Severity: important On amd64 the sqlite_escape_string function is faulty and causes PHP to kill the script due to PHP's internal memory limit being reached.
An example script that reproduces this problem is:
<?php
echo sqlite_escape_string("a");
?>
Running this script will result in an error message such as:
Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate -1969234011 bytes) in /var/www/test.php on line 2
The string passed to sqlite_escape_string and the value of the PHP
memory limit do not effect the behaviour of the bug. The number of bytes
attempted to allocate seems completely bogus.
php5-sqlite (linked against the same libsqlite0) is not affected and
neither is php4-sqlite on i386.
This bug is currently breaking the PHPwiki package on amd64 systems.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-xen
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Versions of packages php4-sqlite depends on:
ii libapache2-mod-php4 [phpapi-2 4:4.4.2-1 server-side, HTML-embedded
scripti
ii libc6 2.3.6-4 GNU C Library: Shared
libraries an
ii libsqlite0 2.8.16-1 SQLite shared library
php4-sqlite recommends no packages.
-- no debconf information
--
Matt Brown
[EMAIL PROTECTED]
Mob +64 21 611 544 www.mattb.net.nz
signature.asc
Description: OpenPGP digital signature
