From: Ilia Alshanetsky <iliaa@php.net>
Date: Mon, 30 Aug 2004 22:21:18 +0000 (+0000)
Subject: MFH: Added missing input validation to dio_write().
X-Git-Tag: php-4.3.9RC2~5
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=62a06abf375fc5a7894b3846d7810aa77c32abd6;p=php

MFH: Added missing input validation to dio_write().
---

diff --git a/ext/dio/dio.c b/ext/dio/dio.c
index 90e07b6a77..6825714105 100644
--- a/ext/dio/dio.c
+++ b/ext/dio/dio.c
@@ -232,6 +232,12 @@ PHP_FUNCTION(dio_write)
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs|l", &r_fd, &data, &data_len, &trunc_len) == FAILURE) {
 		return;
 	}
+
+ 	if (trunc_len <= 0 || trunc_len > data_len) {
+ 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater then zero and less then the length of specified string.");
+		RETURN_FALSE;
+ 	}
+
 	ZEND_FETCH_RESOURCE(f, php_fd_t *, &r_fd, -1, le_fd_name, le_fd);
 
 	res = write(f->fd, data, trunc_len ? trunc_len : data_len);