From 0ac0f656ae39d0b9c0759e55ae760ab7ee070c8a Mon Sep 17 00:00:00 2001
From: Andi Gutmans <andi@php.net>
Date: Wed, 2 May 2001 22:22:16 +0000
Subject: [PATCH] - Fix possible buffer overflow. Always better to use
 strlcpy() instead   of strncpy()

---
 ext/curl/curl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/curl/curl.c b/ext/curl/curl.c
index 5cdc17b627..e8b4a15200 100644
--- a/ext/curl/curl.c
+++ b/ext/curl/curl.c
@@ -444,7 +444,7 @@ static size_t _php_curl_passwd(void *ctx, char *prompt, char *buf, int buflen)
 		return -1;
 	}
 
-	strncpy(buf, Z_STRVAL_P(retval), Z_STRLEN_P(retval));
+	strlcpy(buf, Z_STRVAL_P(retval), buflen);
 
 	zval_ptr_dtor(&argv[0]);
 	zval_ptr_dtor(&argv[1]);
-- 
2.50.1