Commit: 0ad81ac18a72c0bc2d9dae180950f47a09994e35 Author: Yasuo Ohgaki <yohg...@php.net> Sun, 11 Aug 2013 06:43:01 +0900 Parents: e9b128c1bfb64e50c5e361959a1a7ccd176d1324 Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=0ad81ac18a72c0bc2d9dae180950f47a09994e35 Log: Fixed possible buffer overflow under Windows. Note: Not a security fix. Changed paths: M ext/session/session.c Diff: diff --git a/ext/session/session.c b/ext/session/session.c index 05e7aa6..dba3952 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -341,7 +341,7 @@ PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ unsigned char rbuf[2048]; size_t toread = PS(entropy_length); - if (php_win32_get_random_bytes(rbuf, (size_t) toread) == SUCCESS){ + if (php_win32_get_random_bytes(rbuf, MIN(toread, sizeof(rbuf))) == SUCCESS){ switch (PS(hash_func)) { case PS_HASH_FUNC_MD5: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
