iliaa Wed Nov 1 01:56:46 2006 UTC
Modified files: (Branch: PHP_4_4)
/php-src/ext/standard html.c
Log:
MFH: Added missing boundary checks.
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/html.c?r1=1.63.2.23.2.2&r2=1.63.2.23.2.3&diff_format=u
Index: php-src/ext/standard/html.c
diff -u php-src/ext/standard/html.c:1.63.2.23.2.2
php-src/ext/standard/html.c:1.63.2.23.2.3
--- php-src/ext/standard/html.c:1.63.2.23.2.2 Sat Feb 25 21:33:06 2006
+++ php-src/ext/standard/html.c Wed Nov 1 01:56:46 2006
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: html.c,v 1.63.2.23.2.2 2006/02/25 21:33:06 rasmus Exp $ */
+/* $Id: html.c,v 1.63.2.23.2.3 2006/11/01 01:56:46 iliaa Exp $ */
/*
* HTML entity resources:
@@ -878,7 +878,7 @@
matches_map = 0;
- if (len + 9 > maxlen)
+ if (len + 16 > maxlen)
replaced = erealloc (replaced, maxlen += 128);
if (all) {
@@ -903,9 +903,15 @@
}
if (matches_map) {
+ int l = strlen(rep);
+ /* increase the buffer size */
+ if (len + 2 + l >= maxlen) {
+ replaced = erealloc(replaced, maxlen +=
128);
+ }
+
replaced[len++] = '&';
strcpy(replaced + len, rep);
- len += strlen(rep);
+ len += l;
replaced[len++] = ';';
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
