From: Wez Furlong <wez@php.net>
Date: Tue, 19 Mar 2002 13:44:38 +0000 (+0000)
Subject: avoid possible buffer overruns when write returns a value larger than the buffer
X-Git-Tag: php-4.3.0dev-ZendEngine2-Preview1~1230
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6d431f1caf8ce614d8d6b0bf8e61c15cebac30c6;p=php

avoid possible buffer overruns when write returns a value larger than the buffer
---

diff --git a/main/user_streams.c b/main/user_streams.c
index b5d3701e20..f6195b2ab6 100644
--- a/main/user_streams.c
+++ b/main/user_streams.c
@@ -249,6 +249,13 @@ static size_t php_userstreamop_write(php_stream *stream, const char *buf, size_t
 		didwrite = Z_LVAL_P(retval);
 	else
 		didwrite = 0;
+
+	/* don't allow strange buffer overruns due to bogus return */
+	if (didwrite > count) {
+		zend_error(E_WARNING, "%s::" USERSTREAM_READ " - wrote more data than requested",
+				us->wrapper->classname);
+		didwrite = count;
+	}
 	
 	if (retval)
 		zval_ptr_dtor(&retval);