[wp-hackers] canary mismatch on efree() - heap overflow detected

Alex Günsche ag.ml2007 at zirona.com
Thu Aug 2 18:26:25 GMT 2007


On Thu, 2007-08-02 at 17:06 +0200, Knut-Olav Hoven wrote:
> I get the following in my Apache error log.
> 
> Aug  2 16:28:20 beta suhosin[49368]: ALERT - canary mismatch on efree() - heap 
> overflow detected (attacker '127.0.0.1', 
> file '/some/dir/wordpress/wp-includes/kses.php', line 518)

As far as I know, you can/must tweak Suhoshin to only trigger on
relevant errors. By default, it has very many false positives. There
should be a config file where you can disable the error triggering for
this specific issue.


Alex


-- 
Alex Günsche, Zirona OpenSource-Consulting
http://www.zirona.com/ | Hilfe für das HQ AC: http://www.prohq.de
PubKey for this address: http://www.zirona.com/misc/ag.ml2007.asc



More information about the wp-hackers mailing list