summaryrefslogtreecommitdiff
path: root/ext/sqlite/sqlite.c
diff options
context:
space:
mode:
authorIlia Alshanetsky <iliaa@php.net>2004-02-27 00:29:10 +0000
committerIlia Alshanetsky <iliaa@php.net>2004-02-27 00:29:10 +0000
commitc856e821d0609a6b1f7e97f721ac1473887b11da (patch)
treead518b7e2c930ad1c85c3d185897528af620616e /ext/sqlite/sqlite.c
parent29500c867d5f478e8b4fa5700d64af03529bae71 (diff)
downloadphp-git-c856e821d0609a6b1f7e97f721ac1473887b11da.tar.gz
Fixed possible crash inside sqlite_escape_string() and
sqlite_udf_encode_binary().
Diffstat (limited to 'ext/sqlite/sqlite.c')
-rw-r--r--ext/sqlite/sqlite.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/sqlite/sqlite.c b/ext/sqlite/sqlite.c
index d923045125..a16603b578 100644
--- a/ext/sqlite/sqlite.c
+++ b/ext/sqlite/sqlite.c
@@ -2604,7 +2604,7 @@ PHP_FUNCTION(sqlite_escape_string)
/* binary string */
int enclen;
- ret = emalloc( 1 + ((256 * stringlen + 1262) / 253) );
+ ret = emalloc( 1 + 5 + stringlen * (256 / 253) );
ret[0] = '\x01';
enclen = php_sqlite_encode_binary(string, stringlen, ret+1);
RETVAL_STRINGL(ret, enclen+1, 0);
@@ -2834,7 +2834,7 @@ PHP_FUNCTION(sqlite_udf_encode_binary)
int enclen;
char *ret;
- ret = emalloc( 1 + ((256 * datalen + 1262) / 253) );
+ ret = emalloc( 1 + 5 + datalen * (256 / 253) );
ret[0] = '\x01';
enclen = php_sqlite_encode_binary(data, datalen, ret+1);
RETVAL_STRINGL(ret, enclen+1, 0);
View Lorry Controller Status