Wouldn't it look better to use sizeof() instead of a macro?
Moriyoshi
"Edin Kadribasic" <[EMAIL PROTECTED]> wrote:
> edink Fri Nov 22 10:47:44 2002 EDT
>
> Modified files: (Branch: PHP_4_3)
> /php4/sapi/cgi cgi_main.c
> Log:
> MFH: Avoid possible buffer overflow.
>
>
> Index: php4/sapi/cgi/cgi_main.c
> diff -u php4/sapi/cgi/cgi_main.c:1.190.2.4 php4/sapi/cgi/cgi_main.c:1.190.2.5
> --- php4/sapi/cgi/cgi_main.c:1.190.2.4 Fri Nov 22 08:50:40 2002
> +++ php4/sapi/cgi/cgi_main.c Fri Nov 22 10:47:44 2002
> @@ -234,10 +234,11 @@
> }
> }
>
> +#define SAPI_CGI_MAX_HEADER_LENGTH 1024
>
> static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC)
> {
> - char buf[1024];
> + char buf[SAPI_CGI_MAX_HEADER_LENGTH];
> sapi_header_struct *h;
> zend_llist_position pos;
> long rfc2616_headers = 0;
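
Review bot: the new `SAPI_CGI_MAX_HEADER_LENGTH` on the `#define` line states the buffer size a second time, separately from the `char buf[...]` declaration it is meant to describe. Because `buf` is a local array in `sapi_cgi_send_headers`, `sizeof(buf)` at the places that need the bound would stay tied to the declaration and could not drift if the array size changes later. If the macro is kept, a short comment saying that the value is the size of the buffer including the terminating NUL (so the longest header line is one byte less) would remove the ambiguity in its name.
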
> @@ -255,7 +256,13 @@
> int len;
>
> if (rfc2616_headers) {
> - len = sprintf(buf, "%s\r\n",
>SG(sapi_headers).http_status_line);
> + len = snprintf(buf, SAPI_CGI_MAX_HEADER_LENGTH,
> + "%s\r\n",
>SG(sapi_headers).http_status_line);
> +
> + if (len > SAPI_CGI_MAX_HEADER_LENGTH) {
> + len = SAPI_CGI_MAX_HEADER_LENGTH;
> + }
> +
> } else {
> len = sprintf(buf, "Status: %d\r\n",
>SG(sapi_headers).http_response_code);
> }
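
Review bot: the clamp `if (len > SAPI_CGI_MAX_HEADER_LENGTH)` after the `snprintf` call is off by one. `snprintf` stores at most `SAPI_CGI_MAX_HEADER_LENGTH - 1` characters plus a terminating NUL, so truncation has already happened when `len` equals `SAPI_CGI_MAX_HEADER_LENGTH`, and clamping to `SAPI_CGI_MAX_HEADER_LENGTH` leaves `len` one larger than the string actually in `buf`. The test should be `len >= SAPI_CGI_MAX_HEADER_LENGTH` with `len` set to `SAPI_CGI_MAX_HEADER_LENGTH - 1`; a negative return, which some `snprintf` implementations use to signal truncation or an error, is also not handled. Note that a truncated status line loses the trailing `"\r\n"` from the format string, so the truncation path needs to restore the line terminator or reject the header. The `else` branch still calls `sprintf`; its `%d` output is bounded, but using the same bounded call in both branches would keep the function consistent.
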
>
>
>
> --
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>