Bug report:
http://bugs.php.net/?id=10252&edit=1
Could someone look over this patch and tell me whether it is safe? Both
attached and inline here.
--- php_odbc.c.orig Wed Apr 11 12:23:56 2001
+++ php_odbc.c Wed Apr 11 12:27:23 2001
@@ -1928,6 +1928,8 @@
char dsnbuf[300];
short dsnbuflen;
char *ldb = 0;
+ int ldb_len = 0;
+
if (strstr((char*)db, ";")) {
direct = 1;
@@ -1936,8 +1938,9 @@
ldb = (char*)emalloc(strlen(db) +
strlen(uid) + strlen(pwd) + 12);
sprintf(ldb, "%s;UID=%s;PWD=%s", db,
uid, pwd);
} else {
- ldb = (char*)emalloc(strlen(db) + 1);
- strcat(ldb, db);
+ ldb_len = (strlen(db)+1);
+ ldb = (char*)emalloc(ldb_len);
+ strlcpy(ldb, db, ldb_len);
}
}
--- php_odbc.c.orig Wed Apr 11 12:23:56 2001
+++ php_odbc.c Wed Apr 11 12:27:23 2001
@@ -1928,6 +1928,8 @@
char dsnbuf[300];
short dsnbuflen;
char *ldb = 0;
+ int ldb_len = 0;
+
if (strstr((char*)db, ";")) {
direct = 1;
@@ -1936,8 +1938,9 @@
ldb = (char*)emalloc(strlen(db) + strlen(uid) +
strlen(pwd) + 12);
sprintf(ldb, "%s;UID=%s;PWD=%s", db, uid, pwd);
} else {
- ldb = (char*)emalloc(strlen(db) + 1);
- strcat(ldb, db);
+ ldb_len = (strlen(db)+1);
+ ldb = (char*)emalloc(ldb_len);
+ strlcpy(ldb, db, ldb_len);
}
}
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
