From: Uwe Schindler <thetaphi@php.net>
Date: Mon, 3 May 2004 12:23:25 +0000 (+0000)
Subject: Security fix: Put '\0' string termination before loop
X-Git-Tag: RELEASE_0_1~303
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b39a1e5195c5c8adc6a2ddd5c233efe3347982f3;p=php

Security fix: Put '\0' string termination before loop
---

diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c
index 6ead0b747c..1855412262 100644
--- a/sapi/nsapi/nsapi.c
+++ b/sapi/nsapi/nsapi.c
@@ -617,13 +617,13 @@ static void sapi_nsapi_register_server_variables(zval *track_vars_array TSRMLS_D
 		while (entry) {
 			if (!PG(safe_mode) || strncasecmp(entry->param->name, "authorization", 13)) {
 				snprintf(buf, NS_BUF_SIZE, "HTTP_%s", entry->param->name);
+				buf[NS_BUF_SIZE]='\0';
 				for(p = buf + 5; *p; p++) {
 					*p = toupper(*p);
 					if (*p < 'A' || *p > 'Z') {
 						*p = '_';
 					}
 				}
-				buf[NS_BUF_SIZE]='\0';
 				php_register_variable(buf, entry->param->value, track_vars_array TSRMLS_CC);
 			}
 			entry=entry->next;