--
Ondřej Surý <[EMAIL PROTECTED]>
diff -urN php-5.1.6~/ext/standard/html.c php-5.1.6/ext/standard/html.c
--- php-5.1.6~/ext/standard/html.c 2006-02-25 22:32:11.000000000 +0100
+++ php-5.1.6/ext/standard/html.c 2006-11-03 12:24:36.000000000 +0100
@@ -1096,7 +1096,7 @@
matches_map = 0;
- if (len + 9 > maxlen)
+ if (len + 16 > maxlen)
replaced = erealloc (replaced, maxlen += 128);
if (all) {
@@ -1121,9 +1121,15 @@
}
if (matches_map) {
+ int l = strlen(rep);
+ /* increase the buffer size */
+ if (len + 2 + l >= maxlen) {
+ replaced = erealloc(replaced, maxlen += 128);
+ }
+
replaced[len++] = '&';
strcpy(replaced + len, rep);
- len += strlen(rep);
+ len += l;
replaced[len++] = ';';
}
}
