iliaa           Wed Nov  1 01:55:11 2006 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/standard       html.c 
  Log:
  Added missing boundary checks.
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/html.c?r1=1.111.2.2.2.2&r2=1.111.2.2.2.3&diff_format=u
Index: php-src/ext/standard/html.c
diff -u php-src/ext/standard/html.c:1.111.2.2.2.2 php-src/ext/standard/html.c:1.111.2.2.2.3
--- php-src/ext/standard/html.c:1.111.2.2.2.2   Mon Oct  2 07:58:13 2006
+++ php-src/ext/standard/html.c Wed Nov  1 01:55:11 2006
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: html.c,v 1.111.2.2.2.2 2006/10/02 07:58:13 bjori Exp $ */
+/* $Id: html.c,v 1.111.2.2.2.3 2006/11/01 01:55:11 iliaa Exp $ */
 
 /*
  * HTML entity resources:
@@ -1105,7 +1105,7 @@
 
                matches_map = 0;
 
-               if (len + 9 > maxlen)
+               if (len + 16 > maxlen)
                        replaced = erealloc (replaced, maxlen += 128);
 
                if (all) {
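Review bot: The headroom constant `16` in `if (len + 16 > maxlen)` is unexplained, and the hunk does not show which writes it is meant to cover, so a reader cannot confirm that 16 (rather than the previous 9) is the true worst case. A comment such as `/* 16 = worst-case bytes appended per input character on the paths below that do not re-check maxlen */` would make the bound auditable; its exact wording needs confirming against the rest of the loop, which starts and ends outside the hunk. Because the buffer grows by a fixed 128 in a single `if`, the guarantee also depends on that worst case staying below 128, which is worth stating in the same comment.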
@@ -1130,9 +1130,15 @@
                        }
 
                        if (matches_map) {
+                               int l = strlen(rep);
+                               /* increase the buffer size */
+                               if (len + 2 + l >= maxlen) {
+                                       replaced = erealloc(replaced, maxlen += 128);
+                               }
+
                                replaced[len++] = '&';
                                strcpy(replaced + len, rep);
-                               len += strlen(rep);
+                               len += l;
                                replaced[len++] = ';';
                        }
                }
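Review bot: The new guard in the `matches_map` branch grows the buffer by a fixed 128 bytes exactly once, so it is only sufficient while `strlen(rep)` stays well under 128; a longer replacement string would still let `strcpy(replaced + len, rep)` write past the allocation. Sizing the growth from the actual need removes that hidden assumption: `maxlen = len + l + 2 + 128; replaced = erealloc(replaced, maxlen);`. Since the length is already in `l`, `memcpy(replaced + len, rep, l);` would also avoid relying on `strcpy` inside a manually sized buffer, and `l` would be better declared as `size_t` to match `strlen`'s return type. The enclosing function begins and ends outside the hunk, so whether the terminating NUL written after the loop is covered by these checks cannot be confirmed from here.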
