stas Sun Dec 7 07:58:42 2003 EDT
Modified files: (Branch: PHP_4_3)
/php-src/sapi/cgi/libfcgi os_unix.c
Log:
fix potential buffer overrun
Index: php-src/sapi/cgi/libfcgi/os_unix.c
diff -u php-src/sapi/cgi/libfcgi/os_unix.c:1.2.2.2
php-src/sapi/cgi/libfcgi/os_unix.c:1.2.2.3
--- php-src/sapi/cgi/libfcgi/os_unix.c:1.2.2.2 Sun Sep 21 18:08:16 2003
+++ php-src/sapi/cgi/libfcgi/os_unix.c Sun Dec 7 07:57:26 2003
@@ -17,7 +17,7 @@
*/
#ifndef lint
-static const char rcsid[] = "$Id: os_unix.c,v 1.2.2.2 2003/09/21 22:08:16 sas Exp $";
+static const char rcsid[] = "$Id: os_unix.c,v 1.2.2.3 2003/12/07 12:57:26 stas Exp $";
#endif /* not lint */
#include "fcgi_config.h"
@@ -103,6 +103,11 @@
static int shutdownPending = FALSE;
static int shutdownNow = FALSE;
+#ifndef HAVE_STRLCPY
+#define strlcpy php_strlcpy
+#endif
+size_t strlcpy(char *dst, const char *src, size_t siz);
+
void OS_ShutdownPending()
{
shutdownPending = TRUE;
@@ -293,7 +298,7 @@
short port = 0;
char host[MAXPATHLEN];
- strcpy(host, bindPath);
+ strlcpy(host, bindPath, MAXPATHLEN-1);
if((tp = strchr(host, ':')) != 0) {
*tp++ = 0;
if((port = atoi(tp)) == 0) {
@@ -396,7 +401,7 @@
short port = 0;
int tcp = FALSE;
- strcpy(host, bindPath);
+ strlcpy(host, bindPath, MAXPATHLEN-1);
if((tp = strchr(host, ':')) != 0) {
*tp++ = 0;
if((port = atoi(tp)) == 0) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
