Resolution for ver_export()/addslashes() encoding based script execution attack?

From:	Yasuo Ohgaki	Date:	Mon, 24 Feb 2014 09:41:03 +0000
Subject:	Resolution for ver_export()/addslashes() encoding based script execution attack?
Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi all,

Since this RFC is declined,

https://wiki.php.net/rfc/multibyte_char_handling

We need another short term resolution for it at least.
Any suggestions?

Regards,

--
Yasuo Ohgaki
[email protected]


   

Thread (20 messages)

• Yasuo OhgakiMon, 24 Feb 2014 09:41:03 +0000
  • Nikita PopovMon, 24 Feb 2014 11:07:05 +0000
    • Yasuo OhgakiTue, 25 Feb 2014 05:07:02 +0000
      • Stas MalyshevTue, 25 Feb 2014 06:47:23 +0000
        • Yasuo OhgakiTue, 25 Feb 2014 10:36:11 +0000
          • Stas MalyshevTue, 25 Feb 2014 11:01:12 +0000
            • Johannes SchlüterTue, 25 Feb 2014 11:39:40 +0000
              • Yasuo OhgakiWed, 26 Feb 2014 06:15:01 +0000
                • Lester CaineWed, 26 Feb 2014 09:03:03 +0000
                  • Yasuo OhgakiWed, 26 Feb 2014 09:21:08 +0000
                    • Lester CaineWed, 26 Feb 2014 12:32:06 +0000
                      • Yasuo OhgakiWed, 26 Feb 2014 22:28:23 +0000
                        • Pádraic BradyThu, 27 Feb 2014 22:22:47 +0000
                          • Yasuo OhgakiThu, 27 Feb 2014 23:08:19 +0000
                            • Pierre JoyeFri, 28 Feb 2014 00:28:39 +0000
              • Stas MalyshevWed, 26 Feb 2014 11:52:40 +0000
                • Yasuo OhgakiWed, 26 Feb 2014 21:23:32 +0000
                  • Stas MalyshevFri, 28 Feb 2014 18:57:29 +0000
                    • Yasuo OhgakiSat, 01 Mar 2014 00:19:41 +0000
            • Yasuo OhgakiWed, 26 Feb 2014 05:25:45 +0000