diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:50:08 -0800 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:50:08 -0800 |
| commit | 141b14454c499d8549067cf9ba704c96ce8d0f8c (patch) | |
| tree | 867f7284337306c6c352b2761902ce0589f666a1 /ext | |
| parent | 02fcbe08028361d13785fc90ed9460385af4e549 (diff) | |
| parent | 6a960b6d1b2b3cdbce7d6faf9e58087297a45887 (diff) | |
| download | php-git-141b14454c499d8549067cf9ba704c96ce8d0f8c.tar.gz | |
Merge branch 'PHP-5.6'
* PHP-5.6:
Use better constant since MAXHOSTNAMELEN may mean shorter name
use right sizeof for memset
Conflicts:
ext/sockets/sockaddr_conv.c
ext/standard/dns.c
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/sockets/sockaddr_conv.c | 8 | ||||
| -rw-r--r-- | ext/standard/dns.c | 8 | ||||
| -rw-r--r-- | ext/standard/tests/network/bug68925.phpt | 4 |
3 files changed, 8 insertions, 12 deletions
diff --git a/ext/sockets/sockaddr_conv.c b/ext/sockets/sockaddr_conv.c index 24c206ac1d..344c806049 100644 --- a/ext/sockets/sockaddr_conv.c +++ b/ext/sockets/sockaddr_conv.c @@ -9,11 +9,7 @@ #include <arpa/inet.h> #endif -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 255 -#endif - -extern int php_string_to_if_index(const char *val, unsigned *out); +extern int php_string_to_if_index(const char *val, unsigned *out TSRMLS_DC); #if HAVE_IPV6 /* Sets addr by hostname, or by ip in string form (AF_INET6) */ @@ -94,7 +90,7 @@ int php_set_inet_addr(struct sockaddr_in *sin, char *string, php_socket *php_soc if (inet_aton(string, &tmp)) { sin->sin_addr.s_addr = tmp.s_addr; } else { - if (strlen(string) > MAXHOSTNAMELEN || ! (host_entry = gethostbyname(string))) { + if (strlen(string) > MAXFQDNLEN || ! (host_entry = gethostbyname(string))) { /* Note: < -10000 indicates a host lookup error */ #ifdef PHP_WIN32 PHP_SOCKET_ERROR(php_sock, "Host lookup failed", WSAGetLastError()); diff --git a/ext/standard/dns.c b/ext/standard/dns.c index 1cd36f10cb..0f32fde49e 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -221,9 +221,9 @@ PHP_FUNCTION(gethostbyname) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_STRINGL(hostname, hostname_len); } @@ -245,9 +245,9 @@ PHP_FUNCTION(gethostbynamel) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_FALSE; } diff --git a/ext/standard/tests/network/bug68925.phpt b/ext/standard/tests/network/bug68925.phpt index e710d72bdf..2638dd331d 100644 --- a/ext/standard/tests/network/bug68925.phpt +++ b/ext/standard/tests/network/bug68925.phpt @@ -6,8 +6,8 @@ var_dump(gethostbyname(str_repeat("0", 2501))); var_dump(gethostbynamel(str_repeat("0", 2501))); ?> --EXPECTF-- -Warning: gethostbyname(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbyname(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d string(2501) "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -Warning: gethostbynamel(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbynamel(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d bool(false) |