@- Fixed column-title buffer-overflow in OCIFetchStatement(). (Thies)

author Thies C. Arntzen <thies@php.net>

Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)

committer Thies C. Arntzen <thies@php.net>

Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)
author Thies C. Arntzen <thies@php.net>
Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)
committer Thies C. Arntzen <thies@php.net>
Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)
diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c

index 25ffac677d8747a497efc43c4e1f2cbc48cbd70d..d01bd50173bac53e6a5f652fe71a3efc30d96c0f 100644 (file)
--- a/ext/oci8/oci8.c
+++ b/ext/oci8/oci8.c
@@ -3461,7 +3461,7 @@ PHP_FUNCTION(ocifetchstatement)
         int i;
         int mode = OCI_NUM;
         int rows = 0;
-       char namebuf[ 128 ];
+       char *namebuf;
         int ac = ZEND_NUM_ARGS();
  
         if (ac < 2 || ac > 3 || zend_get_parameters_ex(ac, &stmt, &array, &fmode) == FAILURE) {
@@ -3489,10 +3489,10 @@ PHP_FUNCTION(ocifetchstatement)
                 MAKE_STD_ZVAL(tmp);
                 array_init(tmp);
  
-               memcpy(namebuf,columns[ i ]->name, columns[ i ]->name_len);
-               namebuf[ columns[ i ]->name_len ] = 0;
+               namebuf = estrndup(columns[ i ]->name,columns[ i ]->name_len);
                                 
                 zend_hash_update((*array)->value.ht, namebuf, columns[ i ]->name_len+1, (void *) &tmp, sizeof(zval*), (void **) &(outarrs[ i ]));
+               efree(namebuf);
         }
  
         while (oci_fetch(statement, nrows, "OCIFetchStatement")) {
author	Thies C. Arntzen <thies@php.net>
	Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)
committer	Thies C. Arntzen <thies@php.net>
	Mon, 13 Nov 2000 17:30:52 +0000 (17:30 +0000)