Re: [RFC] Multibyte char handling

From: Yasuo Ohgaki Date: Thu, 23 Jan 2014 04:39:42 +0000

Subject: Re: [RFC] Multibyte char handling

References: 1 Groups: php.internals

Request: Send a blank email to [email protected] to get a copy of this message

Hi all,

On Thu, Jan 16, 2014 at 8:50 AM, Yasuo Ohgaki <[email protected]> wrote:

> addslashes() could be vulnerable via char encoding based attacks.
> It is needed to decide what counter measure we adopt.
> This is RFC for this issue.
>
> https://wiki.php.net/multibyte_char_handling
>
> Please comment.
> Thank you.
>

I've revised the RFC a little and integrated with following RFC.

Alternative implementation of mbstring using ICU
https://wiki.php.net/rfc/altmbstring

RFC is changed to include mbstring-ng as a default compiled module.
It would be better for license wise. IMHO.

If there is no additional comment, I would like to start vote.

Regards,

--
Yasuo Ohgaki
[email protected]

Thread (31 messages)

Yasuo OhgakiWed, 15 Jan 2014 23:50:18 +0000
Yasuo OhgakiThu, 16 Jan 2014 00:12:44 +0000Re: [RFC] Multibyte char handling
[email protected]Thu, 16 Jan 2014 02:36:16 +0000Re: Re: [RFC] Multibyte char handling
Yasuo OhgakiThu, 16 Jan 2014 02:58:05 +0000
Stas MalyshevThu, 16 Jan 2014 07:22:05 +0000
Yasuo OhgakiThu, 16 Jan 2014 10:36:14 +0000
Derick RethansThu, 16 Jan 2014 11:38:59 +0000
Yasuo OhgakiFri, 17 Jan 2014 03:19:21 +0000
Nikita PopovThu, 16 Jan 2014 12:18:36 +0000
Yasuo OhgakiThu, 16 Jan 2014 22:34:06 +0000
Nikita PopovThu, 16 Jan 2014 22:38:00 +0000
Yasuo OhgakiThu, 16 Jan 2014 22:47:49 +0000
Pierre JoyeSun, 19 Jan 2014 16:09:40 +0000
Yasuo OhgakiSun, 19 Jan 2014 22:48:08 +0000
Yasuo OhgakiSun, 19 Jan 2014 22:59:13 +0000
Pierre JoyeMon, 20 Jan 2014 06:38:12 +0000
Yasuo OhgakiMon, 20 Jan 2014 08:57:48 +0000
MikeFri, 17 Jan 2014 16:37:58 +0000
Yasuo OhgakiFri, 17 Jan 2014 19:53:58 +0000
Julien PauliFri, 17 Jan 2014 20:06:38 +0000
Yasuo OhgakiFri, 17 Jan 2014 21:34:43 +0000
Yasuo OhgakiFri, 17 Jan 2014 21:41:31 +0000
Julien PauliFri, 17 Jan 2014 21:50:04 +0000
Yasuo OhgakiFri, 17 Jan 2014 22:10:27 +0000
Yasuo OhgakiFri, 17 Jan 2014 22:31:05 +0000
Julien PauliFri, 17 Jan 2014 23:04:05 +0000
Yasuo OhgakiSat, 18 Jan 2014 00:20:06 +0000
Lester CaineSat, 18 Jan 2014 13:41:54 +0000
Yasuo OhgakiSat, 18 Jan 2014 18:52:01 +0000
Lester CaineSat, 18 Jan 2014 21:19:43 +0000
Yasuo OhgakiThu, 23 Jan 2014 04:39:42 +0000Re: [RFC] Multibyte char handling

« previous	php.internals (#71421)	next »

From:	Yasuo Ohgaki	Date:	Thu, 23 Jan 2014 04:39:42 +0000
Subject:	Re: [RFC] Multibyte char handling
References:	1	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message