- Implemented FR#35638 (Adding udate to imap_fetch_overview results).
(Charles_Duffy at dell dot com )
-- Fixed possible buffer overflow in mysqlnd_list_fields. (Andrey)
+- Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user
+ (Andrey)
- Fixed handling of session variable serialization on certain prefix
characters. Reported by Stefan Esser (Ilia)
/*
User could be max 16 * 3 (utf8), pass is 20 usually, db is up to 64*3
Stack space is not that expensive, so use a bit more to be protected against
- stack overrungs.
+ buffer overflows.
*/
size_t user_len;
enum_func_status ret;
}
/* 1. user ASCIIZ */
- user_len = MIN(strlen(user), MYSQLND_MAX_ALLOWED_DB_LEN);
+ user_len = MIN(strlen(user), MYSQLND_MAX_ALLOWED_USER_LEN);
memcpy(p, user, user_len);
p += user_len;
*p++ = '\0';
/* 3. db ASCIIZ */
if (db[0]) {
- size_t db_len = strlen(db);
- memcpy(p, db, MIN(db_len, MYSQLND_MAX_ALLOWED_DB_LEN));
+ size_t db_len = MIN(strlen(db), MYSQLND_MAX_ALLOWED_DB_LEN);
+ memcpy(p, db, db_len);
p += db_len;
}
*p++ = '\0';
projects / php / commitdiff