PHP 4 – Reference Counter Overflow Fix
May 20th, 2007
Because the PHP developers do not want to fix the PHP 4 Reference Counter Overflow Vulnerability that was disclosed during the Month of PHP Bugs the Hardened-PHP Project as usual had to step in to protect the users of PHP.
I created a patch for the refcount overflow problem that took about 30 minutes to develop and that fixes the problem without breaking binary compatibility. Something that is according to claims of Zend Engine developer and Zend employee Stanislav Malyshev not possible at the moment. You can apply it directly or wait until it was ripped and merged into the default PHP CVS after it was relabled as the work of the PHP developers.
Read more at blog-admin@nopiracy.de (Stefan Esser)