iliaa Mon Aug 30 18:21:18 2004 EDT
Modified files: (Branch: PHP_4_3)
/php-src/ext/dio dio.c
Log:
MFH: Added missing input validation to dio_write().
http://cvs.php.net/diff.php/php-src/ext/dio/dio.c?r1=1.21.2.8&r2=1.21.2.9&ty=u
Index: php-src/ext/dio/dio.c
diff -u php-src/ext/dio/dio.c:1.21.2.8 php-src/ext/dio/dio.c:1.21.2.9
--- php-src/ext/dio/dio.c:1.21.2.8 Mon Aug 23 13:27:53 2004
+++ php-src/ext/dio/dio.c Mon Aug 30 18:21:18 2004
@@ -232,6 +232,12 @@
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs|l", &r_fd, &data,
&data_len, &trunc_len) == FAILURE) {
return;
}
+
+ if (trunc_len <= 0 || trunc_len > data_len) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater
then zero and less then the length of specified string.");
+ RETURN_FALSE;
+ }
+
ZEND_FETCH_RESOURCE(f, php_fd_t *, &r_fd, -1, le_fd_name, le_fd);
res = write(f->fd, data, trunc_len ? trunc_len : data_len);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
