Added missing safety checks for 2nd parameter of setlocale() function

author Ilia Alshanetsky <iliaa@php.net>

Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)
diff --git a/ext/standard/string.c b/ext/standard/string.c

index 838d5b0ded2d3ca503e6c2f57dc1dfe584978e67..bf59f11386dbe4cccf6a95781a2aba6f9a217d69 100644 (file)
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -6120,6 +6120,10 @@ PHP_FUNCTION(setlocale)
                         loc = NULL;
                 } else {
                         loc = Z_STRVAL_PP(plocale);
+                       if (Z_STRLEN_PP(plocale) >= 255) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Specified locale name is too long");
+                               break;
+                       }
                 }
  
                 retval = setlocale (cat, loc);
author	Ilia Alshanetsky <iliaa@php.net>
	Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Fri, 7 Sep 2007 02:28:26 +0000 (02:28 +0000)