From: [EMAIL PROTECTED]
Operating system: all
PHP version: 4.0.6
PHP Bug Type: *General Issues
Bug description: PHP is developed and maintained by morons
Dear morons,
Please observe the following two lines from the 'fix' you have posted for
your file-upload incompetence:
loc = (char *) memchr(ptr, '\n', rem)+1;
if (!loc) {
There's a bug in this code. Can you see what it is? Hint: the 'if'
expression will never evaluate true. Well, that's assuming the first line
doesn't crash since it invokes undefined behaviour.
Hint #2: the whole routine (not just those 2 lines) is still completely
and utterly broken as of revision 1.71.2.2. It is riddled with code that
reads beyond the end of the buffer.
Hint #3: yet again, you need to follow-up to your Bugtraq posting with a
message saying 'Not only were we too stupid to write the code right in the
first place, we were too stupid to fix it right too. Please ignore our
previous patch. Please use this new one, which will probably be wrong
also.'
HTH, HAND.
--
Edit bug report at http://bugs.php.net/?id=15772&edit=1
--
Fixed in CVS: http://bugs.php.net/fix.php?id=15772&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=15772&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=15772&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=15772&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=15772&r=support
Expected behavior: http://bugs.php.net/fix.php?id=15772&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=15772&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=15772&r=submittedtwice
