From: Felipe Pena <felipe@php.net>
Date: Thu, 24 Feb 2011 02:42:38 +0000 (+0000)
Subject: - Fixed possible off-by-one overflow in ibase_gen_id()
X-Git-Tag: php-5.4.0alpha1~191^2~204
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=accc8eeefee577d7b9b8c193f7d48da1e3565c75;p=php

- Fixed possible off-by-one overflow in ibase_gen_id()
---

diff --git a/ext/interbase/interbase.c b/ext/interbase/interbase.c
index fa72cf80c3..bc50175a23 100644
--- a/ext/interbase/interbase.c
+++ b/ext/interbase/interbase.c
@@ -1424,6 +1424,11 @@ PHP_FUNCTION(ibase_gen_id)
 			&inc, &link)) {
 		RETURN_FALSE;
 	}
+	
+	if (gen_len > 31) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid generator name");
+		RETURN_FALSE;
+	}
 
 	PHP_IBASE_LINK_TRANS(link, ib_link, trans);