rasmus Wed, 15 Jul 2009 19:16:58 +0000
URL: http://svn.php.net/viewvc?view=revision&revision=284146
Changed paths:
U php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c
Log:
Limit db connection strings to 255 chars here - I don't trust the underlying
libs
Modified: php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c 2009-07-15 19:09:15 UTC
(rev 284145)
+++ php/php-src/branches/PHP_5_2/ext/mssql/php_mssql.c 2009-07-15 19:16:58 UTC
(rev 284146)
@@ -406,8 +406,11 @@
}
convert_to_string_ex(yyhost);
host = Z_STRVAL_PP(yyhost);
+ if(strlen(host)>255) {
+ host[255] = '\0';
+ }
user=passwd=NULL;
- hashed_details_length =
spprintf(&hashed_details, 0, "mssql_%s__", Z_STRVAL_PP(yyhost));
+ hashed_details_length =
spprintf(&hashed_details, 0, "mssql_%s__", host);
}
break;
case 2: {
@@ -420,8 +423,14 @@
convert_to_string_ex(yyuser);
host = Z_STRVAL_PP(yyhost);
user = Z_STRVAL_PP(yyuser);
+ if(strlen(host)>255) {
+ host[255] = '\0';
+ }
+ if(strlen(user)>255) {
+ user[255] = '\0';
+ }
passwd=NULL;
- hashed_details_length =
spprintf(&hashed_details, 0,
"mssql_%s_%s_",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser));
+ hashed_details_length =
spprintf(&hashed_details, 0, "mssql_%s_%s_", host, user);
}
break;
case 3: {
@@ -436,7 +445,16 @@
host = Z_STRVAL_PP(yyhost);
user = Z_STRVAL_PP(yyuser);
passwd = Z_STRVAL_PP(yypasswd);
- hashed_details_length =
spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd));
+ if(strlen(host)>255) {
+ host[255] = '\0';
+ }
+ if(strlen(user)>255) {
+ user[255] = '\0';
+ }
+ if(strlen(passwd)>255) {
+ passwd[255] = '\0';
+ }
+ hashed_details_length =
spprintf(&hashed_details,0,"mssql_%s_%s_%s", host, user, passwd);
}
break;
case 4: {
@@ -453,7 +471,16 @@
user = Z_STRVAL_PP(yyuser);
passwd = Z_STRVAL_PP(yypasswd);
new_link = Z_LVAL_PP(yynew_link);
- hashed_details_length =
spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd));
+ if(strlen(host)>255) {
+ host[255] = '\0';
+ }
+ if(strlen(user)>255) {
+ user[255] = '\0';
+ }
+ if(strlen(passwd)>255) {
+ passwd[255] = '\0';
+ }
+ hashed_details_length =
spprintf(&hashed_details,0,"mssql_%s_%s_%s", host, user, passwd);
}
break;
default:
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
