[php-maint] Bug#554684: Bug#554684: php5-pgsql: Suhosin alerts about heap overflows
Gunnar Wolf
gwolf at gwolf.org
Fri Nov 6 01:41:41 UTC 2009
sean finney dijo [Fri, Nov 06, 2009 at 12:16:59AM +0100]:
> On Thu, Nov 05, 2009 at 04:34:03PM -0600, Gunnar Wolf wrote:
> > function db_escape_string($text) {
> > return pg_escape_string($text);
> > }
>
> > 2009-11-04 06:25:29 CST [30578]WARNING: nonstandard use of \\ in a string literal at character 25
>
> hm... maybe this is a result of pg_escape_string and magic_quotes_<foo>
> used together?
In such case, this should be reassigned to drupal6 as they are
applying the escapings in the wrong order, right?
Now, in such case... I wonder why I don't get this warning more
often. As I said in the report, the site in question had its comments
open for spammers (although they were piling for administrator's
authorization). I have closed the comments for now, but would surely
like to know what causes this.
FWIW, I do _not_ think this is caused by magic_quotes as a global
configuration setting, as it is explicitly turned off at the site in
question.
--
Gunnar Wolf • gwolf at gwolf.org • (+52-55)5623-0154 / 1451-2244
More information about the pkg-php-maint
mailing list