diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:47:22 -0800 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:48:14 -0800 |
| commit | af1f867308ca68e82a2143f62ecd7a6f7b19ba2a (patch) | |
| tree | 421421ca2b706e063eafdc2f0ea38b0037139bf1 /ext | |
| parent | 882a375dbad4ecb1fddd9dd80f1a1350299629c1 (diff) | |
| parent | b30a6d6018705e0a9d345192eba8125ff854c167 (diff) | |
| download | php-git-af1f867308ca68e82a2143f62ecd7a6f7b19ba2a.tar.gz | |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Use better constant since MAXHOSTNAMELEN may mean shorter name
use right sizeof for memset
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/sockets/sockaddr_conv.c | 6 | ||||
| -rw-r--r-- | ext/standard/dns.c | 8 | ||||
| -rw-r--r-- | ext/standard/tests/network/bug68925.phpt | 4 |
3 files changed, 7 insertions, 11 deletions
diff --git a/ext/sockets/sockaddr_conv.c b/ext/sockets/sockaddr_conv.c index 80807dd243..961896bdab 100644 --- a/ext/sockets/sockaddr_conv.c +++ b/ext/sockets/sockaddr_conv.c @@ -9,10 +9,6 @@ #include <arpa/inet.h> #endif -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 255 -#endif - extern int php_string_to_if_index(const char *val, unsigned *out TSRMLS_DC); #if HAVE_IPV6 @@ -94,7 +90,7 @@ int php_set_inet_addr(struct sockaddr_in *sin, char *string, php_socket *php_soc if (inet_aton(string, &tmp)) { sin->sin_addr.s_addr = tmp.s_addr; } else { - if (strlen(string) > MAXHOSTNAMELEN || ! (host_entry = gethostbyname(string))) { + if (strlen(string) > MAXFQDNLEN || ! (host_entry = gethostbyname(string))) { /* Note: < -10000 indicates a host lookup error */ #ifdef PHP_WIN32 PHP_SOCKET_ERROR(php_sock, "Host lookup failed", WSAGetLastError()); diff --git a/ext/standard/dns.c b/ext/standard/dns.c index bb5f9109ed..8b93b717c6 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -222,9 +222,9 @@ PHP_FUNCTION(gethostbyname) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_STRINGL(hostname, hostname_len, 1); } addr = php_gethostbyname(hostname); @@ -247,9 +247,9 @@ PHP_FUNCTION(gethostbynamel) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_FALSE; } diff --git a/ext/standard/tests/network/bug68925.phpt b/ext/standard/tests/network/bug68925.phpt index e710d72bdf..2638dd331d 100644 --- a/ext/standard/tests/network/bug68925.phpt +++ b/ext/standard/tests/network/bug68925.phpt @@ -6,8 +6,8 @@ var_dump(gethostbyname(str_repeat("0", 2501))); var_dump(gethostbynamel(str_repeat("0", 2501))); ?> --EXPECTF-- -Warning: gethostbyname(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbyname(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d string(2501) "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -Warning: gethostbynamel(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbynamel(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d bool(false) |