Being a bit late here, but why don't you use spprintf() instead of
emalloc() and sprintf combo?
Moriyoshi
Sara Golemon [EMAIL PROTECTED] wrote:
pollita Mon Jan 27 14:51:51 2003 EDT
Modified files:
/php4/ext/ftp php_ftp.c ftp.h ftp.c
Log:
Fix
pollita Thu Jan 30 23:54:58 2003 EDT
Modified files:
/php4/ext/ftp ftp.c ftp.h php_ftp.c php_ftp.h
Log:
Add ftp_raw() to send raw command strings to an FTP server.
Index: php4/ext/ftp/ftp.c
diff -u php4/ext/ftp/ftp.c:1.75 php4/ext/ftp/ftp.c:1.76
---
pollita Mon Jan 27 14:51:51 2003 EDT
Modified files:
/php4/ext/ftp php_ftp.c ftp.h ftp.c
Log:
Fix potential buffer overflow.
Index: php4/ext/ftp/php_ftp.c
diff -u php4/ext/ftp/php_ftp.c:1.80 php4/ext/ftp/php_ftp.c:1.81
--- php4/ext/ftp/php_ftp.c:1.80
pollita Sun Jan 26 21:54:12 2003 EDT
Modified files:
/php4/ext/ftp ftp.c ftp.h php_ftp.c php_ftp.h
Log:
Feature Request #21748. Added function ftp_chmod().
Index: php4/ext/ftp/ftp.c
diff -u php4/ext/ftp/ftp.c:1.73 php4/ext/ftp/ftp.c:1.74
---
This is a wonderful opportunity for a buffer overflow attack. There's a
reason zend_parse_parameters() in PHP_FUNCTION(ftp_chmod) forces you to
retrieve filename_len.
Please fix it.
Thanks,
Andi
At 02:54 AM 1/27/2003 +, Sara Golemon wrote:
+ftp_chmod(ftpbuf_t *ftp, const int mode, const
iliaa Tue Jan 7 08:02:43 2003 EDT
Modified files:
/php4/ext/ftp ftp.c ftp.h php_ftp.c
Log:
ZTS cleanup.
Index: php4/ext/ftp/ftp.c
diff -u php4/ext/ftp/ftp.c:1.72 php4/ext/ftp/ftp.c:1.73
--- php4/ext/ftp/ftp.c:1.72 Mon Jan 6 22:44:12 2003
+++
iliaa Mon Jan 6 22:44:13 2003 EDT
Modified files:
/php4/ext/ftp ftp.c ftp.h php_ftp.c
Log:
Fixed ZTS build.
Index: php4/ext/ftp/ftp.c
diff -u php4/ext/ftp/ftp.c:1.71 php4/ext/ftp/ftp.c:1.72
--- php4/ext/ftp/ftp.c:1.71 Mon Jan 6 21:47:24 2003