summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStanislav Malyshev <stas@php.net>2000-09-08 12:32:29 +0000
committerStanislav Malyshev <stas@php.net>2000-09-08 12:32:29 +0000
commit6426d1c9ce06969fd18e81949e18ee76fa27da1c (patch)
tree5e4483b2b3e9b26e4ce0ec48fbd493ebbe7adc74
parent24b2feff633ef653781cc0e8231e1be3fe917c8b (diff)
downloadphp-git-6426d1c9ce06969fd18e81949e18ee76fa27da1c.tar.gz
Fix crash on very long error messages
Manual for snprintf says: If the output was truncated, the return value is -1, oth- erwise it is the number of characters stored, not includ- ing the terminating null. And that's a blatant lie - in reality, libc 2.1 always returns number of characters that _would be_ stored. I hate those libc bugs. Now we should go and check every place we trusted snprintf return value.
-rw-r--r--main/main.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/main/main.c b/main/main.c
index 50dffa369b..43dd9e6886 100644
--- a/main/main.c
+++ b/main/main.c
@@ -334,6 +334,9 @@ static void php_error_cb(int type, const char *error_filename, const uint error_
buffer_len = vsnprintf(buffer, sizeof(buffer)-1, format, args);
buffer[sizeof(buffer)-1]=0;
+ if(buffer_len > sizeof(buffer) - 1 || buffer_len < 0) {
+ buffer_len = sizeof(buffer) - 1;
+ }
/* display/log the error if necessary */
if ((EG(error_reporting) & type || (type & E_CORE))