Comment on Bug #30153: FATAL erealloc() error when using gzinflate()

Posted by Tim Nufire on 09/27/05 08:46

In tracking down a bug that I am seeing on a site I am working on, I
came across bug #30153 (http://bugs.php.net/bug.php?id=30153). I must
say I am shocked that this bug was closed as 'bogus'... Not only is
this a bug, it is a security issue! How can gzinflate not be responsible
for validating the content passed to it? Not doing so exposes PHP
servers that use this function to serious denial of service attacks...

Let me illustrate this issue using Magpierss
(http://magpierss.sourceforge.net), which uses gzinflate to support
gzipped HTTP RSS feeds. Because Magpierss gets the compressed content
from a foreign server, it does not control its validity. The only way to
see if it is valid is to try to decompress it... Since this will crash
the script when the content is not valid, using gzinflate in this way
will expose any RSS aggregator that uses Magpierss to denial of service
attacks. Since no other means are provided to validate the gzip content,
I am at a loss to suggest a work-around to the Magpierss authors...

This is just one example. Any server which decompresses content that it
gets from a foreign source will have this same issue. IMO, crashing a
script is never the right way to indicate that an error has occurred.
Without a fix, gzinflate should only be used when the content comes from
a trusted source.

If I am missing something here or if there is a workaround to this
problem, please let me know.

Thanks,
Tim
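As an added example (not code from Tim's message or from Magpierss), the following wrapper shows how a caller like an RSS aggregator can decompress content from a foreign server with a hard output cap and fail closed on malformed or truncated input, using PHP's streaming zlib API (inflate_init()/inflate_add(), PHP 7.0+; inflate_get_status(), PHP 7.2+). The 4 MiB cap, the function name and the sample inputs are assumptions.

```php
<?php
declare(strict_types=1);
// Added example, not from the original post or Magpierss. Decompresses a
// gzip body fetched from an untrusted server with a hard output cap, so a
// corrupt or hostile body is rejected instead of growing memory unbounded.
const MAX_DECOMPRESSED_BYTES = 4 * 1024 * 1024; // assumed 4 MiB policy for a feed

// Returns the decompressed body, or null when the input is not a complete,
// valid gzip stream or when its output would exceed $maxBytes.
function safeGunzip(string $body, int $maxBytes = MAX_DECOMPRESSED_BYTES): ?string
{
    // Expect a gzip header; a raw-deflate body is rejected rather than guessed at.
    $ctx = inflate_init(ZLIB_ENCODING_GZIP);
    if ($ctx === false) {
        return null;
    }

    $out = '';
    $chunk = 64 * 1024;
    for ($off = 0, $len = strlen($body); $off < $len; $off += $chunk) {
        // inflate_add() returns false (with an E_WARNING, silenced here) on corrupt data.
        $piece = @inflate_add($ctx, substr($body, $off, $chunk), ZLIB_SYNC_FLUSH);
        if ($piece === false) {
            return null; // malformed stream: fail closed
        }
        $out .= $piece;
        // Check the cap after every chunk, not once at the end, so an oversized
        // or deliberately inflating body is stopped as soon as it crosses the limit.
        if (strlen($out) > $maxBytes) {
            return null;
        }
        if (inflate_get_status($ctx) === ZLIB_STREAM_END) {
            break; // full gzip member decoded; trailing bytes are ignored
        }
    }
    // A stream that never reached its end marker was truncated: reject it too.
    if (inflate_get_status($ctx) !== ZLIB_STREAM_END) {
        return null;
    }
    return $out;
}

// Constructed inputs: a valid gzip body, and gzip magic followed by junk
// (0xff in the flags byte sets reserved bits, which zlib rejects).
$good = gzencode('<rss><channel><title>feed</title></channel></rss>');
$bad  = "\x1f\x8b\x08" . str_repeat("\xff", 40);

var_dump(safeGunzip($good) !== null); // valid feed decodes
var_dump(safeGunzip($bad) === null);  // junk is rejected without a fatal error
```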
