rasmus Wed, 15 Jul 2009 19:16:58 +0000 URL: http://svn.php.net/viewvc?view=revision&revision=284146
Changed paths: U php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c Log: Limit db connection strings to 255 chars here - I don't trust the underlying libs Modified: php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c 2009-07-15 19:09:15 UTC (rev 284145) +++ php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c 2009-07-15 19:16:58 UTC (rev 284146) @@ -406,8 +406,11 @@ } convert_to_string_ex(yyhost); host = Z_STRVAL_PP(yyhost); + if(strlen(host)>255) { + host[255] = '\0'; + } user=passwd=NULL; - hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s__", Z_STRVAL_PP(yyhost)); + hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s__", host); } break; case 2: { @@ -420,8 +423,14 @@ convert_to_string_ex(yyuser); host = Z_STRVAL_PP(yyhost); user = Z_STRVAL_PP(yyuser); + if(strlen(host)>255) { + host[255] = '\0'; + } + if(strlen(user)>255) { + user[255] = '\0'; + } passwd=NULL; - hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s_%s_",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser)); + hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s_%s_", host, user); } break; case 3: { @@ -436,7 +445,16 @@ host = Z_STRVAL_PP(yyhost); user = Z_STRVAL_PP(yyuser); passwd = Z_STRVAL_PP(yypasswd); - hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); + if(strlen(host)>255) { + host[255] = '\0'; + } + if(strlen(user)>255) { + user[255] = '\0'; + } + if(strlen(passwd)>255) { + passwd[255] = '\0'; + } + hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s", host, user, passwd); } break; case 4: { @@ -453,7 +471,16 @@ user = Z_STRVAL_PP(yyuser); passwd = Z_STRVAL_PP(yypasswd); new_link = Z_LVAL_PP(yynew_link); - hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); + if(strlen(host)>255) { + host[255] = '\0'; + } + if(strlen(user)>255) { + user[255] = '\0'; + } + if(strlen(passwd)>255) { + passwd[255] = '\0'; + } + hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s", host, user, passwd); } break; default:
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php