[PHP-CVS] cvs: php-src /main safe_mode.c

Stefan Esser Wed, 01 Dec 2004 14:51:52 -0800

sesser          Wed Dec  1 17:37:33 2004 EDT

  Modified files:              
    /php-src/main       safe_mode.c 
  Log:
  Do not silently truncate
  
  
  
http://cvs.php.net/diff.php/php-src/main/safe_mode.c?r1=1.60&r2=1.61&ty=u
Index: php-src/main/safe_mode.c
diff -u php-src/main/safe_mode.c:1.60 php-src/main/safe_mode.c:1.61
--- php-src/main/safe_mode.c:1.60       Wed Sep 29 08:35:13 2004
+++ php-src/main/safe_mode.c    Wed Dec  1 17:37:33 2004
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: safe_mode.c,v 1.60 2004/09/29 12:35:13 hyanantha Exp $ */
+/* $Id: safe_mode.c,v 1.61 2004/12/01 22:37:33 sesser Exp $ */
 
 #include "php.h"
 
@@ -55,13 +55,15 @@
        php_stream_wrapper *wrapper = NULL;
        TSRMLS_FETCH();
 
-       strlcpy(filenamecopy, filename, MAXPATHLEN);
-       filename=(char *)&filenamecopy;
-
        if (!filename) {
                return 0; /* path must be provided */
        }
 
+       if (strlcpy(filenamecopy, filename, MAXPATHLEN)>=MAXPATHLEN) {
+               return 0;
+       }
+       filename=(char *)&filenamecopy;
+
        if (fopen_mode) {
                if (fopen_mode[0] == 'r') {
                        mode = CHECKUID_DISALLOW_FILE_NOT_EXISTS;


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src /main safe_mode.c

Reply via email to