From: Stefan Esser <sesser@php.net>
Date: Wed, 1 Dec 2004 22:37:33 +0000 (+0000)
Subject: Do not silently truncate
X-Git-Tag: RELEASE_0_2~595
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b1bb6f1735182ef61b51fb16743b5e6e1a649db5;p=php

Do not silently truncate
---

diff --git a/main/safe_mode.c b/main/safe_mode.c
index d0d351388d..b3119b0de5 100644
--- a/main/safe_mode.c
+++ b/main/safe_mode.c
@@ -55,13 +55,15 @@ PHPAPI int php_checkuid_ex(const char *filename, char *fopen_mode, int mode, int
 	php_stream_wrapper *wrapper = NULL;
 	TSRMLS_FETCH();
 
-	strlcpy(filenamecopy, filename, MAXPATHLEN);
-	filename=(char *)&filenamecopy;
-
 	if (!filename) {
 		return 0; /* path must be provided */
 	}
 
+	if (strlcpy(filenamecopy, filename, MAXPATHLEN)>=MAXPATHLEN) {
+		return 0;
+	}
+	filename=(char *)&filenamecopy;
+
 	if (fopen_mode) {
 		if (fopen_mode[0] == 'r') {
 			mode = CHECKUID_DISALLOW_FILE_NOT_EXISTS;