diff options
| author | Marcus Boerger <helly@php.net> | 2007-02-24 02:17:47 +0000 |
|---|---|---|
| committer | Marcus Boerger <helly@php.net> | 2007-02-24 02:17:47 +0000 |
| commit | 50ea26760da4e0fcf4980e739e1d0ed520de8d59 (patch) | |
| tree | 888a32ce58864f5318a7f1072f8526c6a99212f9 /ext/mssql/php_mssql.c | |
| parent | 3e262bd36989898ac01224f0a987e79f44d25b31 (diff) | |
| download | php-git-50ea26760da4e0fcf4980e739e1d0ed520de8d59.tar.gz | |
- Avoid sprintf, even when checked copy'n'paste or changes lead to errors
Diffstat (limited to 'ext/mssql/php_mssql.c')
| -rw-r--r-- | ext/mssql/php_mssql.c | 36 |
1 files changed, 13 insertions, 23 deletions
diff --git a/ext/mssql/php_mssql.c b/ext/mssql/php_mssql.c index 764151a3d3..417c3110c4 100644 --- a/ext/mssql/php_mssql.c +++ b/ext/mssql/php_mssql.c @@ -373,9 +373,9 @@ PHP_MINFO_FUNCTION(mssql) php_info_print_table_start(); php_info_print_table_header(2, "MSSQL Support", "enabled"); - sprintf(buf, "%ld", MS_SQL_G(num_persistent)); + snprintf(buf, sizeof(buf), "%ld", MS_SQL_G(num_persistent)); php_info_print_table_row(2, "Active Persistent Links", buf); - sprintf(buf, "%ld", MS_SQL_G(num_links)); + snprintf(buf, sizeof(buf), "%ld", MS_SQL_G(num_links)); php_info_print_table_row(2, "Active Links", buf); php_info_print_table_row(2, "Library version", MSSQL_VERSION); @@ -391,7 +391,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) char *hashed_details; int hashed_details_length, new_link = 0; mssql_link mssql, *mssql_ptr; - char buffer[32]; + char buffer[40]; switch(ZEND_NUM_ARGS()) { case 0: /* defaults */ @@ -409,9 +409,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) convert_to_string_ex(yyhost); host = Z_STRVAL_PP(yyhost); user=passwd=NULL; - hashed_details_length = Z_STRLEN_PP(yyhost)+5+3; - hashed_details = (char *) emalloc(hashed_details_length+1); - sprintf(hashed_details,"mssql_%s__",Z_STRVAL_PP(yyhost)); + hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s__", Z_STRVAL_PP(yyhost)); } break; case 2: { @@ -425,9 +423,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) host = Z_STRVAL_PP(yyhost); user = Z_STRVAL_PP(yyuser); passwd=NULL; - hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+5+3; - hashed_details = (char *) emalloc(hashed_details_length+1); - sprintf(hashed_details,"mssql_%s_%s_",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser)); + hashed_details_length = spprintf(&hashed_details, 0, "mssql_%s_%s_",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser)); } break; case 3: { @@ -442,9 +438,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) host = Z_STRVAL_PP(yyhost); user = Z_STRVAL_PP(yyuser); passwd = Z_STRVAL_PP(yypasswd); - hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+Z_STRLEN_PP(yypasswd)+5+3; - hashed_details = (char *) emalloc(hashed_details_length+1); - sprintf(hashed_details,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); /* SAFE */ + hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); } break; case 4: { @@ -461,9 +455,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) user = Z_STRVAL_PP(yyuser); passwd = Z_STRVAL_PP(yypasswd); new_link = Z_LVAL_PP(yynew_link); - hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+Z_STRLEN_PP(yypasswd)+5+3; - hashed_details = (char *) emalloc(hashed_details_length+1); - sprintf(hashed_details,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); /* SAFE */ + hashed_details_length = spprintf(&hashed_details,0,"mssql_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); } break; default: @@ -554,7 +546,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) #ifndef HAVE_FREETDS if (MS_SQL_G(textlimit) != -1) { - sprintf(buffer, "%li", MS_SQL_G(textlimit)); + snprintf(buffer, sizeof(buffer), "%li", MS_SQL_G(textlimit)); if (DBSETOPT(mssql.link, DBTEXTLIMIT, buffer)==FAIL) { efree(hashed_details); dbfreelogin(mssql.login); @@ -564,7 +556,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } #endif if (MS_SQL_G(textsize) != -1) { - sprintf(buffer, "SET TEXTSIZE %li", MS_SQL_G(textsize)); + snprintf(buffer, sizeof(buffer), "SET TEXTSIZE %li", MS_SQL_G(textsize)); dbcmd(mssql.link, buffer); dbsqlexec(mssql.link); dbresults(mssql.link); @@ -681,7 +673,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) #ifndef HAVE_FREETDS if (MS_SQL_G(textlimit) != -1) { - sprintf(buffer, "%li", MS_SQL_G(textlimit)); + snprintf(buffer, sizeof(buffer), "%li", MS_SQL_G(textlimit)); if (DBSETOPT(mssql.link, DBTEXTLIMIT, buffer)==FAIL) { efree(hashed_details); dbfreelogin(mssql.login); @@ -691,7 +683,7 @@ static void php_mssql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } #endif if (MS_SQL_G(textsize) != -1) { - sprintf(buffer, "SET TEXTSIZE %li", MS_SQL_G(textsize)); + snprintf(buffer, sizeof(buffer), "SET TEXTSIZE %li", MS_SQL_G(textsize)); dbcmd(mssql.link, buffer); dbsqlexec(mssql.link); dbresults(mssql.link); @@ -929,8 +921,7 @@ static void php_mssql_get_column_content_with_type(mssql_link *mssql_ptr,int off } res_length = 19; - res_buf = (unsigned char *) emalloc(res_length+1); - sprintf(res_buf, "%d-%02d-%02d %02d:%02d:%02d" , dateinfo.year, dateinfo.month, dateinfo.day, dateinfo.hour, dateinfo.minute, dateinfo.second); + spprintf(&res_buf, 0, "%d-%02d-%02d %02d:%02d:%02d" , dateinfo.year, dateinfo.month, dateinfo.day, dateinfo.hour, dateinfo.minute, dateinfo.second); } ZVAL_STRINGL(result, res_buf, res_length, 0); @@ -999,8 +990,7 @@ static void php_mssql_get_column_content_without_type(mssql_link *mssql_ptr,int } res_length = 19; - res_buf = (unsigned char *) emalloc(res_length+1); - sprintf(res_buf, "%d-%02d-%02d %02d:%02d:%02d" , dateinfo.year, dateinfo.month, dateinfo.day, dateinfo.hour, dateinfo.minute, dateinfo.second); + spprintf(&res_buf, 0, "%d-%02d-%02d %02d:%02d:%02d" , dateinfo.year, dateinfo.month, dateinfo.day, dateinfo.hour, dateinfo.minute, dateinfo.second); } ZVAL_STRINGL(result, res_buf, res_length, 0); |