[Bug 655442] [NEW] memory content leak when using invalid utf-8 with XMLWriter::writeAttribute
Kees Cook
kees at ubuntu.com
Wed Oct 6 02:44:42 BST 2010
*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: php5

It seems that PHP is not correctly using libxml2's xmlwriter routines,
and allows passing in invalid utf-8 strings which are then misparsed by
libxml2, allowing memory contents to leak into the resulting output.

Actual output:
PHP Warning: XMLWriter::writeAttribute(): string is not in UTF-8 in /tmp/xmlwriter.php on line 12
<input value="@±�ˋ[����ĹJ���R���Q"/>

Expected output:
<input value="à&#e81"/>

** Affects: php
   Importance: Unknown
   Status: Unknown

** Affects: php5 (Ubuntu)
   Importance: Low
   Status: Confirmed

** This bug has been flagged as a security vulnerability

--
memory content leak when using invalid utf-8 with XMLWriter::writeAttribute
https://bugs.launchpad.net/bugs/655442
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.