diff options
| author | Stefan Esser <sesser@php.net> | 2004-12-01 22:37:33 +0000 |
|---|---|---|
| committer | Stefan Esser <sesser@php.net> | 2004-12-01 22:37:33 +0000 |
| commit | b1bb6f1735182ef61b51fb16743b5e6e1a649db5 (patch) | |
| tree | ce0d1f9d270924ee5c87651c74fe3690a276f2f5 | |
| parent | 4c5d71917e6c48dcfbe4de99a7c7ec3f3dc3b6be (diff) | |
| download | php-git-b1bb6f1735182ef61b51fb16743b5e6e1a649db5.tar.gz | |
Do not silently truncate
| -rw-r--r-- | main/safe_mode.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/main/safe_mode.c b/main/safe_mode.c index d0d351388d..b3119b0de5 100644 --- a/main/safe_mode.c +++ b/main/safe_mode.c @@ -55,13 +55,15 @@ PHPAPI int php_checkuid_ex(const char *filename, char *fopen_mode, int mode, int php_stream_wrapper *wrapper = NULL; TSRMLS_FETCH(); - strlcpy(filenamecopy, filename, MAXPATHLEN); - filename=(char *)&filenamecopy; - if (!filename) { return 0; /* path must be provided */ } + if (strlcpy(filenamecopy, filename, MAXPATHLEN)>=MAXPATHLEN) { + return 0; + } + filename=(char *)&filenamecopy; + if (fopen_mode) { if (fopen_mode[0] == 'r') { mode = CHECKUID_DISALLOW_FILE_NOT_EXISTS; |