diff options
| author | Stanislav Malyshev <stas@php.net> | 2014-08-19 01:34:09 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2014-08-19 01:34:09 -0700 |
| commit | b278be894fcd0f2cbaee93e3f657f7f9beeb532f (patch) | |
| tree | 64a396b4b4c1b3abab6f991673e24e320cad54cc /main | |
| parent | 335d89ec4d35d68d6443c7d51f99451a58c35b46 (diff) | |
| parent | 5a7039035ce22a68130af2309ff002a611976c87 (diff) | |
| download | php-git-b278be894fcd0f2cbaee93e3f657f7f9beeb532f.tar.gz | |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
5.4.32
fix potentially missing NUL termination
Fix bug #67730 - Null byte injection possible with imagexxx functions
Fixed bug #67717 - segfault in dns_get_record
Fix bug #67716 - Segfault in cdf.c
5.4.32 RC1
Diffstat (limited to 'main')
| -rw-r--r-- | main/network.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/main/network.c b/main/network.c index fc2a94badd..f8336442d0 100644 --- a/main/network.c +++ b/main/network.c @@ -992,6 +992,7 @@ PHPAPI char *php_socket_strerror(long err, char *buf, size_t bufsize) buf = estrdup(errstr); } else { strncpy(buf, errstr, bufsize); + buf[bufsize?(bufsize-1):0] = 0; } return buf; #else @@ -1016,6 +1017,7 @@ PHPAPI char *php_socket_strerror(long err, char *buf, size_t bufsize) buf = estrdup(sysbuf); } else { strncpy(buf, sysbuf, bufsize); + buf[bufsize?(bufsize-1):0] = 0; } if (free_it) { |