PHP original HTML encoder overflow problem solution. In PHP5.1.6, 4.4.4, and earlier versions, when searching for characters related to "htmlspecialchars () andhtmlentities, when the UTF-8 encoding is selected, it may trigger a PHP5.1.6, 4.4.4, or a previous version, while searching for characters related to "htmlspecialchars () and htmlentities, A possible buffer overflow may be triggered when the UTF-8 encoding is selected.
"While we were searching for a hole in htmlspecialchars () and htmlentities () to bypass the encoding of certain chars to exploit a possible eval () injection hole in another application we discovered that the implementation contains a possible bufferoverflow that can be triggered when the UTF-8 charset is selected."
The latest PHP5 version 5.2 has fixed this error, but this problem still exists in PHP4.4. All information can be viewed in the full vulnerability.
Encoding () and htmlentities () "related character encoding, when the UTF-8 encoding is selected may trigger a can...