Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.1.0

Bug #9093 Patches for Out-of-memory and Segfaults, with testsuite [take2]
Submitted: 2006-10-19 03:38 UTC Modified: 2006-10-23 06:04 UTC
From: robbat2 at gentoo dot org Assigned: tacker
Status: Closed Package: File_Bittorrent (version 1.0.2)
PHP Version: Irrelevant OS: Linux
Roadmaps: (Not assigned)    
Subscription  


 [2006-10-19 03:38 UTC] robbat2 at gentoo dot org (Robin Johnson)
Description: ------------ This patch fixes many input cases where File_Bittorrent did not do the correct thing. Correct in this case being the Python and Perl testsuite, which I ported to this implementation, and also added a few other test cases that I ran into while working on fixing the issues. Of major signifiance: No more DoS effects from a list with an end marker, or for an non-string key in a dictionary. Patch is located at: http://www.orbis-terrarum.net/~robbat2/File_Bittorrent-1.0.2-TestSuite-Fixes-take2.patch It's had one further revision since the previous version submitted by email, for a case where '0:' was not correctly decoded. Test script: --------------- Please see the TestSuite contained inside the patch: http://www.orbis-terrarum.net/~robbat2/File_Bittorrent-1.0.2-TestSuite-Fixes-take2.patch Expected result: ---------------- Decoding should return FALSE for corrupt torrent. Actual result: -------------- Various different input leads to an infinte CPU-loop, an instant segfault, and rapid memory consumption.

Comments

 [2006-10-23 06:04 UTC] tacker at php dot net (Markus Tacker)
Thank you for your bug report. This issue has been fixed in the latest released version of the package, which you can download at http://pear.php.net/get/File_Bittorrent Thanks very much!