Wouldn't it look better to use sizeof() instead of a macro?

Moriyoshi
"Edin Kadribasic" <[EMAIL PROTECTED]> wrote: > edink Fri Nov 22 10:47:44 2002 EDT > > Modified files: (Branch: PHP_4_3) > /php4/sapi/cgi cgi_main.c > Log: > MFH: Avoid possible buffer overflow. > > > Index: php4/sapi/cgi/cgi_main.c > diff -u php4/sapi/cgi/cgi_main.c:1.190.2.4 php4/sapi/cgi/cgi_main.c:1.190.2.5 > --- php4/sapi/cgi/cgi_main.c:1.190.2.4 Fri Nov 22 08:50:40 2002 > +++ php4/sapi/cgi/cgi_main.c Fri Nov 22 10:47:44 2002 > @@ -234,10 +234,11 @@ > } > } > > +#define SAPI_CGI_MAX_HEADER_LENGTH 1024 > > static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) > { > - char buf[1024]; > + char buf[SAPI_CGI_MAX_HEADER_LENGTH]; > sapi_header_struct *h; > zend_llist_position pos; > long rfc2616_headers = 0; > @@ -255,7 +256,13 @@ > int len; > > if (rfc2616_headers) { > - len = sprintf(buf, "%s\r\n", >SG(sapi_headers).http_status_line); > + len = snprintf(buf, SAPI_CGI_MAX_HEADER_LENGTH, > + "%s\r\n", >SG(sapi_headers).http_status_line); > + > + if (len > SAPI_CGI_MAX_HEADER_LENGTH) { > + len = SAPI_CGI_MAX_HEADER_LENGTH; > + } > + > } else { > len = sprintf(buf, "Status: %d\r\n", >SG(sapi_headers).http_response_code); > } > > > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php