diff options
author | Uwe Schindler <thetaphi@php.net> | 2004-05-03 12:23:25 +0000 |
---|---|---|
committer | Uwe Schindler <thetaphi@php.net> | 2004-05-03 12:23:25 +0000 |
commit | b39a1e5195c5c8adc6a2ddd5c233efe3347982f3 (patch) | |
tree | 1a273430f39acd9976485be84a57d0c570dc5c7e /sapi | |
parent | fc4500f7ec7bc489824ae9dda5680c4a4a201bc3 (diff) | |
download | php-git-b39a1e5195c5c8adc6a2ddd5c233efe3347982f3.tar.gz |
Security fix: Put '\0' string termination before loop
Diffstat (limited to 'sapi')
-rw-r--r-- | sapi/nsapi/nsapi.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c index 6ead0b747c..1855412262 100644 --- a/sapi/nsapi/nsapi.c +++ b/sapi/nsapi/nsapi.c @@ -617,13 +617,13 @@ static void sapi_nsapi_register_server_variables(zval *track_vars_array TSRMLS_D while (entry) { if (!PG(safe_mode) || strncasecmp(entry->param->name, "authorization", 13)) { snprintf(buf, NS_BUF_SIZE, "HTTP_%s", entry->param->name); + buf[NS_BUF_SIZE]='\0'; for(p = buf + 5; *p; p++) { *p = toupper(*p); if (*p < 'A' || *p > 'Z') { *p = '_'; } } - buf[NS_BUF_SIZE]='\0'; php_register_variable(buf, entry->param->value, track_vars_array TSRMLS_CC); } entry=entry->next; |