standard string.c

Moriyoshi Koizumi Mon, 24 Feb 2003 14:18:33 -0800

moriyoshi               Mon Feb 24 17:19:37 2003 EDT

  Modified files:              
    /php4/ext/standard  string.c 
  Log:
  Fixed possible buffer overflow of php_strip_tags
  
  
Index: php4/ext/standard/string.c
diff -u php4/ext/standard/string.c:1.360 php4/ext/standard/string.c:1.361
--- php4/ext/standard/string.c:1.360    Mon Feb 24 17:01:12 2003
+++ php4/ext/standard/string.c  Mon Feb 24 17:19:36 2003
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: string.c,v 1.360 2003/02/24 22:01:12 moriyoshi Exp $ */
+/* $Id: string.c,v 1.361 2003/02/24 22:19:36 moriyoshi Exp $ */
 
 /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
 
@@ -3746,7 +3746,9 @@
                c = *(++p);
                i++;
        }       
-       *rp = '\0';
+       if (rp < rbuf + len) {
+               *rp = '\0';
+       }
        efree(buf);
        if (allow)
                efree(tbuf);




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php4 /ext/standard string.c

Reply via email to