Re: [VOTE] Multbye char handling - Remove vulnerability related tomultibyte short and long term

From: Date: Wed, 12 Feb 2014 09:03:48 +0000
Subject: Re: [VOTE] Multbye char handling - Remove vulnerability related tomultibyte short and long term
References: 1 2  Groups: php.internals 
Request: Send a blank email to [email protected] to get a copy of this message
Hi Joe,

On Mon, Feb 10, 2014 at 4:25 PM, Joe Watkins <[email protected]> wrote:

> I voted no, on both.
>
> The first rfc doesn't even contain a patch, so I have nothing to review, I
> don't much care what you think the reasons are for the change, I care what
> the code says, and there isn't any.
>
> The second RFC is based on an extension that was written 5 years ago and
> hasn't been touched since.
>
> Not good enough, nothing like good enough ...
>

Thank you for the comment. It helps :)
It would be nice to have patch, I agree.
I don't have luxury to write code that would not be used...
I don't mind to have vote for proposed patch and improve, though.
Is a patch must have requirement for RFC?
I think it worth to agree what we should have, then decide/write code
like timing safe string comparison.

I wouldn't write number of timing safe functions to compare their
performance unless it was decided to include.

https://github.com/yohgaki/php-src/compare/PHP-5.6-rfc-hash-compare

I hope you change your mind.

Regards,

--
Yasuo Ohgaki
[email protected]


Thread (11 messages)

« previous php.internals (#72506) next »