fix possible buffer overrun in the errmsg string
authorAnatol Belski <ab@php.net>
Tue, 12 Jan 2016 09:17:32 +0000 (10:17 +0100)
committerAnatol Belski <ab@php.net>
Tue, 12 Jan 2016 09:17:32 +0000 (10:17 +0100)
ext/interbase/interbase.c

index 21a0243b4383303dcecee0e39270392cae77ba30..3dfdac326ff73edebf264265c1de6564db63a8f7 100644 (file)
@@ -512,7 +512,7 @@ void _php_ibase_error(void) /* {{{ */
 
        IBG(sql_code) = isc_sqlcode(IB_STATUS);
 
-       while ((s - IBG(errmsg)) < MAX_ERRMSG - (IBASE_MSGSIZE + 2) && fb_interpret(s, MAX_ERRMSG, &statusp)) {
+       while ((s - IBG(errmsg)) < MAX_ERRMSG - (IBASE_MSGSIZE + 2) && fb_interpret(s, MAX_ERRMSG - strlen(IBG(errmsg)) - 1, &statusp)) {
                strcat(IBG(errmsg), " ");
                s = IBG(errmsg) + strlen(IBG(errmsg));
        }
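Review bot: The length passed to fb_interpret() on the added line is derived from `strlen(IBG(errmsg))`, not from `s`, the pointer that is actually written to. The two agree only if `s` sits on the string's terminator on every iteration. The body of _php_ibase_error starts and ends outside the hunk, so the initialisation of `s` and of `IBG(errmsg)` cannot be confirmed here. Computing the remaining space from the same offset the loop guard already tests keeps both bounds in step and drops a strlen scan per iteration: `fb_interpret(s, MAX_ERRMSG - (s - IBG(errmsg)) - 1, &statusp)`. Because the guard keeps that offset below `MAX_ERRMSG - (IBASE_MSGSIZE + 2)`, the subtraction stays positive and cannot wrap when converted to the unsigned length parameter, and the `- 1` still leaves room for the space appended by `strcat`.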