But the magic wasn't in the crash. It was in the resurrection.
“That’s how they’re persisting,” she whispered. php 5.5.9 exploit
But Maya had a different kind of exploit. She wrote a mod_proxy rule that filtered any HTTP request containing Zend Engine and a fragment length > 800 characters, redirecting it to a honeypot. Then, she backported the official PHP patch from 5.5.10—a one-line change in ext/standard/url.c that added a ZVAL_NULL() before the double-free condition. But the magic wasn't in the crash