iliaa Thu Dec 28 15:09:29 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/main php_logos.c /php-src/ext/standard proc_open.c Log: Simplify code and eliminate strcat() usage http://cvs.php.net/viewvc.cgi/php-src/main/php_logos.c?r1=1.19.2.1.2.2&r2=1.19.2.1.2.3&diff_format=u Index: php-src/main/php_logos.c diff -u php-src/main/php_logos.c:1.19.2.1.2.2 php-src/main/php_logos.c:1.19.2.1.2.3 --- php-src/main/php_logos.c:1.19.2.1.2.2 Sat Aug 12 19:33:54 2006 +++ php-src/main/php_logos.c Thu Dec 28 15:09:29 2006 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_logos.c,v 1.19.2.1.2.2 2006/08/12 19:33:54 nlopess Exp $ */ +/* $Id: php_logos.c,v 1.19.2.1.2.3 2006/12/28 15:09:29 iliaa Exp $ */ #include "php.h" #include "logos.h" @@ -78,13 +78,12 @@ if(FAILURE==zend_hash_find(&phpinfo_logo_hash, (char *) logo_string, strlen(logo_string), (void **)&logo_image)) return 0; - len=strlen(CONTENT_TYPE_HEADER)+logo_image->mimelen; - content_header=malloc(len+1); - if(!content_header) return 0; - strcpy(content_header, CONTENT_TYPE_HEADER); - strcat(content_header, logo_image->mimetype); - sapi_add_header(content_header, len, 1); - free(content_header); + len = sizeof(CONTENT_TYPE_HEADER) - 1 + logo_image->mimelen; + content_header = emalloc(len + 1); + memcpy(content_header, CONTENT_TYPE_HEADER, sizeof(CONTENT_TYPE_HEADER) - 1); + memcpy(content_header + sizeof(CONTENT_TYPE_HEADER) - 1 , logo_image->mimetype, logo_image->mimelen); + content_header[len] = '\0'; + sapi_add_header(content_header, len, 0); PHPWRITE(logo_image->data, logo_image->size); return 1; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/proc_open.c?r1=1.36.2.1.2.1&r2=1.36.2.1.2.2&diff_format=u Index: php-src/ext/standard/proc_open.c diff -u php-src/ext/standard/proc_open.c:1.36.2.1.2.1 php-src/ext/standard/proc_open.c:1.36.2.1.2.2 --- php-src/ext/standard/proc_open.c:1.36.2.1.2.1 Thu Jun 1 14:03:49 2006 +++ php-src/ext/standard/proc_open.c Thu Dec 28 15:09:29 2006 @@ -15,7 +15,7 @@ | Author: Wez Furlong <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: proc_open.c,v 1.36.2.1.2.1 2006/06/01 14:03:49 tony2001 Exp $ */ +/* $Id: proc_open.c,v 1.36.2.1.2.2 2006/12/28 15:09:29 iliaa Exp $ */ #if 0 && (defined(__linux__) || defined(sun) || defined(__IRIX__)) # define _BSD_SOURCE /* linux wants this when XOPEN mode is on */ @@ -248,7 +248,7 @@ /* {{{ php_make_safe_mode_command */ static int php_make_safe_mode_command(char *cmd, char **safecmd, int is_persistent TSRMLS_DC) { - int lcmd, larg0, ldir, len, overflow_limit; + int lcmd, larg0; char *space, *sep, *arg0; if (!PG(safe_mode)) { @@ -257,42 +257,27 @@ } lcmd = strlen(cmd); - ldir = strlen(PG(safe_mode_exec_dir)); - len = lcmd + ldir + 2; - overflow_limit = len; - arg0 = emalloc(len); - - strcpy(arg0, cmd); - - space = strchr(arg0, ' '); + arg0 = estrndup(cmd, lcmd); + + space = memchr(arg0, ' ', lcmd); if (space) { *space = '\0'; + larg0 = space - arg0; + } else { + larg0 = lcmd; } - larg0 = strlen(arg0); - if (strstr(arg0, "..")) { + if (php_memnstr(arg0, "..", sizeof("..")-1, arg0 + larg0)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path"); efree(arg0); return FAILURE; } - *safecmd = emalloc(len); - strcpy(*safecmd, PG(safe_mode_exec_dir)); - overflow_limit -= ldir; - - sep = strrchr(arg0, PHP_DIR_SEPARATOR); - if (sep) { - strcat(*safecmd, sep); - overflow_limit -= strlen(sep); - } else { - strcat(*safecmd, "/"); - strcat(*safecmd, arg0); - overflow_limit -= larg0 + 1; - } - if (space) { - strncat(*safecmd, cmd + larg0, overflow_limit); - } + sep = zend_memrchr(arg0, PHP_DIR_SEPARATOR, larg0); + + spprintf(safecmd, 0, "%s%c%s%s", PG(safe_mode_exec_dir), (sep ? *sep : '/'), (sep ? "" : arg0), (space ? cmd + larg0 : "")); + efree(arg0); arg0 = php_escape_shell_cmd(*safecmd); efree(*safecmd);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php