From: Elizabeth Marie Smith <auroraeosrose@php.net>
Date: Mon, 28 Jul 2008 16:48:38 +0000 (+0000)
Subject: Secure versions of string functions don't exist for VC6
X-Git-Tag: BEFORE_HEAD_NS_CHANGE~992
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fec135a4e3ac343f227bd10f2e88e8922902268b;p=php

Secure versions of string functions don't exist for VC6
---

diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
index 6efce8b8f3..7f8676a54b 100644
--- a/ext/standard/php_crypt_r.c
+++ b/ext/standard/php_crypt_r.c
@@ -204,10 +204,18 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
 
 	memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN);
 
-	if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
+#ifdef strncpy_s
+ 	if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
+ 		goto _destroyCtx1;
+ 	}
+ 	strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
+#else
+	/* VC6 version doesn't have strcat_s or strncpy_s */
+	if (strncpy(passwd + MD5_MAGIC_LEN, sp, sl + 1) != 0) {
 		goto _destroyCtx1;
 	}
-	strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
+	strcat(passwd, "$");
+#endif
 
 	dwHashLen = 16;