1 PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of
2 memory via crafted binary data sent to a script that processes user
3 input in the html_entity_decode function and sends the encoded results
4 back to the client, aka a "binary safety" issue. NOTE: this issue has
5 been referred to as a "memory leak," but it is an information leak that
6 discloses memory contents.
8 Patch pulled from cvs.php.net
10 --- php-4.4.2/ext/standard/html.c 2006/01/01 13:46:57 1.63.2.23.2.1
11 +++ php-4.4.2/ext/standard/html.c 2006/02/25 21:33:06 1.63.2.23.2.2
13 enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
14 unsigned char replacement[15];
17 + ret = estrndup(old, oldlen);