Google Kreme wrote:
php -v
PHP 5.1.6 with Suhosin-Patch 0.9.5 (cli) (built: Oct 18 2006 08:36:59)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies
This configuration cause no end of problems, and I finally compiled php
without the Suhosin-Patch. Everything is back to normal and working.
with the patch, there were numerous errors and problems:
[Wed Oct 18 09:58:05 2006] [error] ALERT - canary mismatch on efree() -
heap overflow or double efree detected (attacker 'my.dot.ip.adr', file
'/usr/local/www/wordpress/wp-admin/edit.php')
[Wed Oct 18 10:26:06 2006] [error] ALERT - canary mismatch on efree() -
heap overflow or double efree detected (attacker 'my.dot.ip.adr', file
'/usr/local/www/data/phpMyAdmin/index.php')
etc.
Is it possible to have Suhosin-Patch enabled and somehow avoid these
heap overflows, or is Suhosin still not ready for a production environment?
Wouldn't it be best to ask whoever the patch came from?
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
