From: Stanislav Malyshev <stas@php.net>
Date: Sun, 7 Dec 2003 12:59:54 +0000 (+0000)
Subject: fix potential buffer overrun
X-Git-Tag: php-5.0.0b3RC1~214
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=facea7fb70457b42e515a5b19e44889e16923ebd;p=php

fix potential buffer overrun
---

diff --git a/sapi/cgi/libfcgi/os_unix.c b/sapi/cgi/libfcgi/os_unix.c
index 6d4e103272..bbaf112621 100644
--- a/sapi/cgi/libfcgi/os_unix.c
+++ b/sapi/cgi/libfcgi/os_unix.c
@@ -103,6 +103,11 @@ static int volatile maxFd = -1;
 static int shutdownPending = FALSE;
 static int shutdownNow = FALSE;
 
+#ifndef HAVE_STRLCPY
+#define strlcpy php_strlcpy
+#endif
+size_t strlcpy(char *dst, const char *src, size_t siz);
+
 void OS_ShutdownPending()
 {
     shutdownPending = TRUE;
@@ -293,7 +298,7 @@ int OS_CreateLocalIpcFd(const char *bindPath, int backlog, int bCreateMutex)
     short   port = 0;
     char    host[MAXPATHLEN];
 
-    strcpy(host, bindPath);
+    strlcpy(host, bindPath, MAXPATHLEN-1);
     if((tp = strchr(host, ':')) != 0) {
 	*tp++ = 0;
 	if((port = atoi(tp)) == 0) {
@@ -396,7 +401,7 @@ int OS_FcgiConnect(char *bindPath)
     short   port = 0;
     int	    tcp = FALSE;
 
-    strcpy(host, bindPath);
+    strlcpy(host, bindPath, MAXPATHLEN-1);
     if((tp = strchr(host, ':')) != 0) {
 	*tp++ = 0;
 	if((port = atoi(tp)) == 0) {