Don't use unsafe sprintf()

author Zeev Suraski <zeev@php.net>

Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)

committer Zeev Suraski <zeev@php.net>

Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)
author Zeev Suraski <zeev@php.net>
Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)
committer Zeev Suraski <zeev@php.net>
Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)
diff --git a/Zend/zend.c b/Zend/zend.c

index 8e706b2481db6afd3418ae41c27f2541b31198c9..2c2fa082ae3565ce4f986654ee8bffcd0b68f28a 100644 (file)
--- a/Zend/zend.c
+++ b/Zend/zend.c
@@ -615,12 +615,13 @@ ZEND_API void zend_error(int type, const char *format, ...)
  
  #ifdef HAVE_VSNPRINTF
                         z_error_message->value.str.len = vsnprintf(z_error_message->value.str.val, ZEND_ERROR_BUFFER_SIZE, format, args);
-                       if(z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
+                       if (z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
                                 z_error_message->value.str.len = ZEND_ERROR_BUFFER_SIZE-1;
                         }
  #else
+                       strncpy(z_error_message->value.str.val, format, ZEND_ERROR_BUFFER_SIZE);
                         /* This is risky... */
-                       z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args);
+                       /* z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args); */
  #endif
                         z_error_message->type = IS_STRING;
author	Zeev Suraski <zeev@php.net>
	Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)
committer	Zeev Suraski <zeev@php.net>
	Sat, 9 Sep 2000 15:06:38 +0000 (15:06 +0000)