dmitry          Wed Dec  7 04:00:33 2005 EDT

  Modified files:              
    /php-src/main       main.c 
  Log:
  Fixed memory overflow caused by use of an uninitialized value
  
  
http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.657&r2=1.658&ty=u
Index: php-src/main/main.c
diff -u php-src/main/main.c:1.657 php-src/main/main.c:1.658
--- php-src/main/main.c:1.657   Tue Dec  6 21:37:35 2005
+++ php-src/main/main.c Wed Dec  7 04:00:29 2005
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: main.c,v 1.657 2005/12/07 02:37:35 iliaa Exp $ */
+/* $Id: main.c,v 1.658 2005/12/07 09:00:29 dmitry Exp $ */
 
 /* {{{ includes
  */
@@ -556,6 +556,7 @@
        char *origin;
        char *message;
        char *stage;
+       int function_name_is_string = 1;
 
        /* get error text into buffer and escape for html if necessary */
        buffer_len = vspprintf(&buffer, 0, format, args);
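Review bot: The new `function_name_is_string` flag is declared without a comment, and its default of 1 means that any path assigning `function` from a non-`char *` source must remember to clear it. Only one such path is visible, the `get_active_function_name()` branch in the next hunk, and the other assignments to `function` lie outside these hunks, so they should be checked against the default. I would document the invariant at the declaration, e.g. `/* 1: function is a plain char* (format with %s); 0: it came from get_active_function_name() (format with %v) */`. A later branch that forgets the flag would pass the wrong argument type to `spprintf`, which is a memory-safety problem rather than a cosmetic one.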
@@ -595,6 +596,7 @@
                                stage = "Unknown";
                }
        } else {
+               function_name_is_string = 0;
                function = get_active_function_name(TSRMLS_C);
                if (!function || !USTR_LEN(function)) {
                        stage = "Unknown";
@@ -604,9 +606,13 @@
 
        /* if we still have memory then format the origin */
        if (function) {
-               spprintf(&origin, 0, "%v%s%v(%s)", class_name, space, function, 
params);        
+               if (function_name_is_string) {
+                       origin_len = spprintf(&origin, 0, "%v%s%s(%s)", 
class_name, space, function, params);   
+               } else {
+                       origin_len = spprintf(&origin, 0, "%v%s%v(%s)", 
class_name, space, function, params);   
+               }
        } else {
-               spprintf(&origin, 0, "%s", stage);      
+               origin_len = spprintf(&origin, 0, "%s", stage); 
        }
 
        if (PG(html_errors)) {
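Review bot: `class_name` is still formatted with `%v` in both new `spprintf` calls, although this change stops using `%v` for `function` when it is a plain C string. The assignments to `class_name` are outside the hunk, so this is inferred, but if any path leaves it pointing at a `char *` literal, the same specifier/argument mismatch would remain for that argument. Please confirm this and record the result in a comment above the branch, e.g. `/* class_name is always %v-compatible here; function is char* only when function_name_is_string is set */`. Capturing the return value in `origin_len` is correct, since `php_escape_html_entities(origin, origin_len, ...)` reads it just below. The `docref_buf` formatting in the last hunk uses the same `%s`/`%v` split and depends on the same flag being right.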
@@ -614,7 +620,7 @@
                char *replace = php_escape_html_entities(origin, origin_len, 
&len, 0, ENT_COMPAT, NULL TSRMLS_CC);
                efree(origin);
                origin = replace;
-       }
+       }
 
        /* origin and buffer available, so lets come up with the error message 
*/
        if (docref && docref[0] == '#') {
@@ -624,7 +630,11 @@
 
        /* no docref given but function is known (the default) */
        if (!docref && function) {
-               spprintf(&docref_buf, 0, "function.%v", function);
+               if (function_name_is_string) {
+                       spprintf(&docref_buf, 0, "function.%s", function);
+               } else {
+                       spprintf(&docref_buf, 0, "function.%v", function);
+               }
                while((p = strchr(docref_buf, '_')) != NULL) {
                        *p = '-';
                }
