From: Ilia Alshanetsky Date: Thu, 25 Jan 2007 00:27:19 +0000 (+0000) Subject: Added safety checks to the code X-Git-Tag: RELEASE_1_2_3~7 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=49c0823800862fcb03d87e3c32fb8358744e834e;p=php Added safety checks to the code --- diff --git a/ext/standard/user_filters.c b/ext/standard/user_filters.c index 31d623a364..60beea5c1c 100644 --- a/ext/standard/user_filters.c +++ b/ext/standard/user_filters.c @@ -256,6 +256,7 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, zval *obj, *zfilter; zval func_name; zval *retval = NULL; + int len; /* some sanity checks */ if (persistent) { @@ -264,9 +265,10 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, return NULL; } + len = strlen(filtername); + /* determine the classname/class entry */ - if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername, - strlen(filtername) + 1, (void**)&fdat)) { + if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername, len + 1, (void**)&fdat)) { char *period; /* Userspace Filters using ambiguous wildcards could cause problems. @@ -275,10 +277,10 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, TODO: Allow failed userfilter creations to continue scanning through the list */ if ((period = strrchr(filtername, '.'))) { - char *wildcard; + char *wildcard = emalloc(len + 3); /* Search for wildcard matches instead */ - wildcard = estrdup(filtername); + memcpy(wildname, filtername, len + 1); /* copy \0 */ period = wildcard + (period - filtername); while (period) { *period = '\0';