Tip: PHP Original HTML encoder Overflow problem Resolution

Source: Internet
Author: User

In PHP5.1.6, 4.4.4 and previous versions, a possible buffer overflow may be triggered when the UTF-8 encoding is selected when searching for the associated character encoding for "htmlspecialchars () and Htmlentities ()".

"While we are were searching for a hole in Htmlspecialchars () and htmlentities () to bypass the encoding of certain chars to ex Ploit a possible eval () injection hole in another application we discovered that implementation contains a possible BU Fferoverflow that can being triggered the UTF-8 charset is selected.

The latest release of PHP5 version 5.2 has fixed this error, but the problem still exists in the PHP4.4 version. All information can be found in the full vulnerability.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.