Fix a couple of buffer overflows in mcrypt.c

author: Zeev Suraski <zeev@php.net> 2001-07-10 12:57:28 +0000
committer: Zeev Suraski <zeev@php.net> 2001-07-10 12:57:28 +0000
commit: 4bbb8a001e71f746d9ec19ad60c88a237c6bfd9f (patch)
tree: e606367bc1d0439e7d1d1258b6acfc4e721ca956
parent: 48cbbbb3db209a63adfc6b53eb11e73a3cd98b31 (diff)
download: php-git-4bbb8a001e71f746d9ec19ad60c88a237c6bfd9f.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c
index 2656892bb9..a31a62b8a7 100644
--- a/ext/mcrypt/mcrypt.c
+++ b/ext/mcrypt/mcrypt.c
@@ -1251,7 +1251,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo
 	else if (count == 1) {  /* only m_k_l = OK */
 		key_s = emalloc (key_length_sizes[0]);
 		memset (key_s, 0, key_length_sizes[0]);
-		memcpy (key_s, Z_STRVAL_PP(key), Z_STRLEN_PP(key));
+		memcpy (key_s, Z_STRVAL_PP(key), MIN(Z_STRLEN_PP(key), key_length_sizes[0]));
 		use_key_length = key_length_sizes[0];
 	}
 	else { /* derterminating smallest supported key > length of requested key */
@@ -1265,7 +1265,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo
 		}
 		key_s = emalloc (use_key_length);
 		memset (key_s, 0, use_key_length);
-		memcpy (key_s, Z_STRVAL_PP(key), Z_STRLEN_PP(key));
+		memcpy (key_s, Z_STRVAL_PP(key), MIN(Z_STRLEN_PP(key), use_key_length));
 	}
 	mcrypt_free (key_length_sizes);
author	Zeev Suraski <zeev@php.net>	2001-07-10 12:57:28 +0000
committer	Zeev Suraski <zeev@php.net>	2001-07-10 12:57:28 +0000
commit	4bbb8a001e71f746d9ec19ad60c88a237c6bfd9f (patch)
tree	e606367bc1d0439e7d1d1258b6acfc4e721ca956
parent	48cbbbb3db209a63adfc6b53eb11e73a3cd98b31 (diff)
download	php-git-4bbb8a001e71f746d9ec19ad60c88a237c6bfd9f.tar.gz