authorPierre Joye <pajoye@php.net>2010-11-18 15:22:22 +0000
committerPierre Joye <pajoye@php.net>2010-11-18 15:22:22 +0000
commitce96fd6b0761d98353761bf78d5bfb55291179fd (patch)
tree0b66c858477f5ac7472bf35b842f89cdf4dce151 /ext/odbc/php_odbc.c
parent75631ab8ac231f141286428fd871ad31f2d71588 (diff)
downloadphp-git-ce96fd6b0761d98353761bf78d5bfb55291179fd.tar.gz
- fix #39863, do not accept paths with NULL bytes in them. See http://news.php.net/php.internals/50191; trunk will have the patch later (adding a macro and/or changing (some) APIs). Patch by Rasmus
Diffstat (limited to 'ext/odbc/php_odbc.c')
-rw-r--r--ext/odbc/php_odbc.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
index 907d1ca8e3..01fbe38319 100644
--- a/ext/odbc/php_odbc.c
+++ b/ext/odbc/php_odbc.c
@@ -1317,8 +1317,11 @@ PHP_FUNCTION(odbc_execute)
if (Z_STRLEN_PP(tmp) > 2 &&
Z_STRVAL_PP(tmp)[0] == '\'' &&
Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') {
+ if (strlen(tmp) != Z_STRLEN_PP(tmp)) {
+ RETURN_FALSE;
+ }
+
filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2);
- filename[strlen(filename)] = '\0';
/* Check for safe mode. */
if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
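Review bot: The added NUL-byte check calls `strlen(tmp)`, but `tmp` is the `zval **` that the surrounding lines read through `Z_STRVAL_PP`/`Z_STRLEN_PP`, so it measures the bytes of the pointer slot rather than the parameter string and does not reliably detect an embedded NUL in the path. The condition should be `if (strlen(Z_STRVAL_PP(tmp)) != (size_t)Z_STRLEN_PP(tmp)) {`. The new `RETURN_FALSE` sits in a function whose body starts and ends outside this hunk; if earlier code has already allocated per-parameter state or opened files, this early return should release them the same way the function's other failure paths do. A regression test that passes a quoted filename containing `\0` would pin the rejection.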