diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2006-05-23 23:23:40 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2006-05-23 23:23:40 +0000 |
commit | f6753e96e352aa44464a9c93d033c76ffd5bd7c3 (patch) | |
tree | 4ed36f58a0d3e4c87b3d78010c769593f5b167a1 | |
parent | bb31f21dfb913f083ef5e440ba5245a7bd175a04 (diff) | |
download | php-git-f6753e96e352aa44464a9c93d033c76ffd5bd7c3.tar.gz |
MFH: Fixed handling of extremely long paths inside tempnam() function.
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | main/php_open_temporary_file.c | 9 |
2 files changed, 5 insertions, 5 deletions
@@ -1,6 +1,7 @@ PHP 4 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2006, Version 4.4.3 +- Fixed handling of extremely long paths inside tempnam() function. (Ilia) 21 May 2006, Version 4.4.3RC1 - Added control character checks for cURL extension's open_basedir/safe_mode diff --git a/main/php_open_temporary_file.c b/main/php_open_temporary_file.c index 93daa91495..e870db76f1 100644 --- a/main/php_open_temporary_file.c +++ b/main/php_open_temporary_file.c @@ -115,17 +115,16 @@ static int php_do_open_temporary_file(const char *path, const char *pfx, char ** path_len = strlen(path); - if (!(opened_path = emalloc(MAXPATHLEN))) { - return -1; - } - if (!path_len || IS_SLASH(path[path_len - 1])) { trailing_slash = ""; } else { trailing_slash = "/"; } - (void)snprintf(opened_path, MAXPATHLEN, "%s%s%sXXXXXX", path, trailing_slash, pfx); + if (spprintf(&opened_path, 0, "%s%s%sXXXXXX", path, trailing_slash, pfx) >= MAXPATHLEN) { + efree(opened_path); + return -1; + } #ifdef PHP_WIN32 if (GetTempFileName(path, pfx, 0, opened_path)) { |