diff options
| author | Stanislav Malyshev <stas@php.net> | 2014-08-19 01:34:38 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2014-08-19 01:34:38 -0700 |
| commit | ff6b30c8185ae204deeae8ebb146582919c4ced0 (patch) | |
| tree | b765826925eda6019edb4eee529a1eb892d72ca3 /main | |
| parent | 6070757c77a226fecce5f2d029084cf68c979762 (diff) | |
| parent | fae17a00f556b7c1a2221289c46403bfb4367034 (diff) | |
| download | php-git-ff6b30c8185ae204deeae8ebb146582919c4ced0.tar.gz | |
Merge branch 'PHP-5.6'
* PHP-5.6:
5.4.32
fix potentially missing NUL termination
Fix bug #67730 - Null byte injection possible with imagexxx functions
Fixed bug #67717 - segfault in dns_get_record
Fix bug #67716 - Segfault in cdf.c
5.4.32 RC1
Diffstat (limited to 'main')
| -rw-r--r-- | main/network.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/main/network.c b/main/network.c index 74855064d7..366e52c90b 100644 --- a/main/network.c +++ b/main/network.c @@ -1006,6 +1006,7 @@ PHPAPI char *php_socket_strerror(long err, char *buf, size_t bufsize) buf = estrdup(errstr); } else { strncpy(buf, errstr, bufsize); + buf[bufsize?(bufsize-1):0] = 0; } return buf; #else @@ -1030,6 +1031,7 @@ PHPAPI char *php_socket_strerror(long err, char *buf, size_t bufsize) buf = estrdup(sysbuf); } else { strncpy(buf, sysbuf, bufsize); + buf[bufsize?(bufsize-1):0] = 0; } if (free_it) { |