From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 16 Jan 2007 00:11:53 +0000 (+0000)
Subject: Added buffer length checks
X-Git-Tag: php-4.4.5RC2~9
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=42e3e2e12e34fba15322a5f872c2eef84be4f442;p=php

Added buffer length checks
---

diff --git a/win32/sendmail.c b/win32/sendmail.c
index d893a1b84c..a7b6f839a5 100644
--- a/win32/sendmail.c
+++ b/win32/sendmail.c
@@ -486,7 +486,7 @@ static int SendText(char *RPath, char *Subject, char *mailTo, char *mailCc, char
 		while(token != NULL)
 		{
 			SMTP_SKIP_SPACE(token);
-			sprintf(Buffer, "RCPT TO:<%s>\r\n", token);
+			snprintf(Buffer, MAIL_BUFFER_SIZE, "RCPT TO:<%s>\r\n", token);
 			if ((res = Post(Buffer)) != SUCCESS)
 				return (res);
 			if ((res = Ack(&server_response)) != SUCCESS) {
@@ -542,7 +542,7 @@ static int SendText(char *RPath, char *Subject, char *mailTo, char *mailCc, char
 			while(token != NULL)
 			{
 				SMTP_SKIP_SPACE(token);
-				sprintf(Buffer, "RCPT TO:<%s>\r\n", token);
+				snprintf(Buffer, MAIL_BUFFER_SIZE, "RCPT TO:<%s>\r\n", token);
 				if ((res = Post(Buffer)) != SUCCESS) {
 					return (res);
 				}