make *printf() functions do not read strings past their specified length (if any)

diff --git a/configure.in b/configure.in
index 1396d6d1b6a46b740cf9fd96743137a9303a7984..11273a0d0ec37da326337d842172a1f08f8dd869 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -625,6 +625,7 @@ strcoll \
 strdup \
 strerror \
 strftime \
+strnlen \
 strptime \
 strstr \
 strtok_r \

diff --git a/main/spprintf.c b/main/spprintf.c
index ec44e219b81c80cd73a93db8c36869dc42814923..1ce9e81e3828e7abfe00716dc64dd3c00abb5ffe 100644 (file)
--- a/main/spprintf.c
+++ b/main/spprintf.c
@@ -76,6 +76,7 @@
  * SIO stdio-replacement strx_* functions by Panos Tsirigotis
  * <panos@alumni.cs.colorado.edu> for xinetd.
  */
+#define _GNU_SOURCE
 #include "php.h"
 
 #include <stddef.h>
@@ -180,6 +181,14 @@
 
 /* }}} */
 
+
+#if !HAVE_STRNLEN
+static size_t strnlen(const char *s, size_t maxlen) {
+       char *r = memchr(s, '\0', maxlen);
+       return r ? r-s : maxlen;
+}
+#endif
+
 /*
  * Do format conversion placing the output in buffer
  */
@@ -561,9 +570,11 @@ static void xbuf_format_converter(smart_str *xbuf, const char *fmt, va_list ap)
                                case 'v':
                                        s = va_arg(ap, char *);
                                        if (s != NULL) {
-                                               s_len = strlen(s);
-                                               if (adjust_precision && precision < s_len)
-                                                       s_len = precision;
+                                               if (!adjust_precision) {
+                                                       s_len = strlen(s);
+                                               } else {
+                                                       s_len = strnlen(s, precision);
+                                               }
                                        } else {
                                                s = S_NULL;
                                                s_len = S_NULL_LEN;