iliaa Thu Jan 25 00:27:19 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/standard user_filters.c
Log:
Added safety checks to the code
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/user_filters.c?r1=1.31.2.4.2.5&r2=1.31.2.4.2.6&diff_format=u
Index: php-src/ext/standard/user_filters.c
diff -u php-src/ext/standard/user_filters.c:1.31.2.4.2.5
php-src/ext/standard/user_filters.c:1.31.2.4.2.6
--- php-src/ext/standard/user_filters.c:1.31.2.4.2.5 Fri Jan 19 14:50:11 2007
+++ php-src/ext/standard/user_filters.c Thu Jan 25 00:27:19 2007
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: user_filters.c,v 1.31.2.4.2.5 2007/01/19 14:50:11 tony2001 Exp $ */
+/* $Id: user_filters.c,v 1.31.2.4.2.6 2007/01/25 00:27:19 iliaa Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -256,6 +256,7 @@
zval *obj, *zfilter;
zval func_name;
zval *retval = NULL;
+ int len;
/* some sanity checks */
if (persistent) {
@@ -264,9 +265,10 @@
return NULL;
}
+ len = strlen(filtername);
+
/* determine the classname/class entry */
- if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername,
- strlen(filtername) + 1, (void**)&fdat)) {
+ if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername,
len + 1, (void**)&fdat)) {
char *period;
/* Userspace Filters using ambiguous wildcards could cause
problems.
@@ -275,10 +277,10 @@
TODO: Allow failed userfilter creations to continue
scanning through the list */
if ((period = strrchr(filtername, '.'))) {
- char *wildcard;
+ char *wildcard = emalloc(len + 3);
/* Search for wildcard matches instead */
- wildcard = estrdup(filtername);
+ memcpy(wildname, filtername, len + 1); /* copy \0 */
period = wildcard + (period - filtername);
while (period) {
*period = '\0';
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
