diff options
| author | Xinchen Hui <laruence@gmail.com> | 2018-04-10 16:33:51 +0800 | 
|---|---|---|
| committer | Xinchen Hui <laruence@gmail.com> | 2018-04-10 16:33:51 +0800 | 
| commit | 085999c16cea3bd6ec8a8614633c1e9fc750eec7 (patch) | |
| tree | 9cb8c239a237c6e1cd52afcbdf99d1840fb1a5dc /sapi/phpdbg/phpdbg_io.c | |
| parent | 14de058086d76ac344fde67fc343023fc00279a9 (diff) | |
| parent | 22a8ea2a0aee3efe66aa5bb0c8f169fdb1ef3b99 (diff) | |
| download | php-git-085999c16cea3bd6ec8a8614633c1e9fc750eec7.tar.gz | |
Merge branch 'PHP-7.2'
* PHP-7.2:
  Update NEWS
  Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite)
Diffstat (limited to 'sapi/phpdbg/phpdbg_io.c')
| -rw-r--r-- | sapi/phpdbg/phpdbg_io.c | 21 | 
1 files changed, 8 insertions, 13 deletions
| diff --git a/sapi/phpdbg/phpdbg_io.c b/sapi/phpdbg/phpdbg_io.c index 93040e7690..150647aa7e 100644 --- a/sapi/phpdbg/phpdbg_io.c +++ b/sapi/phpdbg/phpdbg_io.c @@ -290,7 +290,7 @@ PHPDBG_API int phpdbg_create_listenable_socket(const char *addr, unsigned short  			}  		} -		snprintf(port_buf, 7, "%u", port); +		snprintf(port_buf, sizeof(port_buf), "%u", port);  		if (!any_addr) {  			rc = getaddrinfo(addr, port_buf, &hints, &res);  		} else { @@ -301,20 +301,18 @@ PHPDBG_API int phpdbg_create_listenable_socket(const char *addr, unsigned short  #ifndef PHP_WIN32  			if (rc == EAI_SYSTEM) {  				char buf[128]; -				int wrote; -				wrote = snprintf(buf, 128, "Could not translate address '%s'", addr); -				buf[wrote] = '\0'; +				snprintf(buf, sizeof(buf), "Could not translate address '%s'", addr); +  				zend_quiet_write(PHPDBG_G(io)[PHPDBG_STDERR].fd, buf, strlen(buf));  				return sock;  			} else {  #endif  				char buf[256]; -				int wrote; -				wrote = snprintf(buf, 256, "Host '%s' not found. %s", addr, estrdup(gai_strerror(rc))); -				buf[wrote] = '\0'; +				snprintf(buf, sizeof(buf), "Host '%s' not found. %s", addr, estrdup(gai_strerror(rc))); +  				zend_quiet_write(PHPDBG_G(io)[PHPDBG_STDERR].fd, buf, strlen(buf));  				return sock; @@ -324,13 +322,10 @@ PHPDBG_API int phpdbg_create_listenable_socket(const char *addr, unsigned short  			return sock;  		} -		if((sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) == -1) { -			char buf[128]; -			int wrote; +		if ((sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) == -1) { +			const char *msg = "Unable to create socket"; -			wrote = sprintf(buf, "Unable to create socket"); -			buf[wrote] = '\0'; -			zend_quiet_write(PHPDBG_G(io)[PHPDBG_STDERR].fd, buf, strlen(buf)); +			zend_quiet_write(PHPDBG_G(io)[PHPDBG_STDERR].fd, msg, strlen(msg));  			return sock;  		} | 
