Don't use unsafe sprintf()

author: Zeev Suraski <zeev@php.net> 2000-09-09 15:06:38 +0000
committer: Zeev Suraski <zeev@php.net> 2000-09-09 15:06:38 +0000
commit: 4acff8f37f59bded8e613cccf474c1576a8334b4 (patch)
tree: 4db7671da00bcb2ec8ee2c3cf85dc9a34808a053 /Zend/zend.c
parent: b7ecaacd07b6be07677ed694b5dbc51b609c4263 (diff)
download: php-git-4acff8f37f59bded8e613cccf474c1576a8334b4.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/Zend/zend.c b/Zend/zend.c
index 8e706b2481..2c2fa082ae 100644
--- a/Zend/zend.c
+++ b/Zend/zend.c
@@ -615,12 +615,13 @@ ZEND_API void zend_error(int type, const char *format, ...)
 
 #ifdef HAVE_VSNPRINTF
 			z_error_message->value.str.len = vsnprintf(z_error_message->value.str.val, ZEND_ERROR_BUFFER_SIZE, format, args);
-			if(z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
+			if (z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
 				z_error_message->value.str.len = ZEND_ERROR_BUFFER_SIZE-1;
 			}
 #else
+			strncpy(z_error_message->value.str.val, format, ZEND_ERROR_BUFFER_SIZE);
 			/* This is risky... */
-			z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args);
+			/* z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args); */
 #endif
 			z_error_message->type = IS_STRING;
author	Zeev Suraski <zeev@php.net>	2000-09-09 15:06:38 +0000
committer	Zeev Suraski <zeev@php.net>	2000-09-09 15:06:38 +0000
commit	4acff8f37f59bded8e613cccf474c1576a8334b4 (patch)
tree	4db7671da00bcb2ec8ee2c3cf85dc9a34808a053 /Zend/zend.c
parent	b7ecaacd07b6be07677ed694b5dbc51b609c4263 (diff)
download	php-git-4acff8f37f59bded8e613cccf474c1576a8334b4.tar.gz