From 49c0823800862fcb03d87e3c32fb8358744e834e Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Thu, 25 Jan 2007 00:27:19 +0000 Subject: [PATCH] Added safety checks to the code --- ext/standard/user_filters.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ext/standard/user_filters.c b/ext/standard/user_filters.c index 31d623a364..60beea5c1c 100644 --- a/ext/standard/user_filters.c +++ b/ext/standard/user_filters.c @@ -256,6 +256,7 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, zval *obj, *zfilter; zval func_name; zval *retval = NULL; + int len; /* some sanity checks */ if (persistent) { @@ -264,9 +265,10 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, return NULL; } + len = strlen(filtername); + /* determine the classname/class entry */ - if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername, - strlen(filtername) + 1, (void**)&fdat)) { + if (FAILURE == zend_hash_find(BG(user_filter_map), (char*)filtername, len + 1, (void**)&fdat)) { char *period; /* Userspace Filters using ambiguous wildcards could cause problems. @@ -275,10 +277,10 @@ static php_stream_filter *user_filter_factory_create(const char *filtername, TODO: Allow failed userfilter creations to continue scanning through the list */ if ((period = strrchr(filtername, '.'))) { - char *wildcard; + char *wildcard = emalloc(len + 3); /* Search for wildcard matches instead */ - wildcard = estrdup(filtername); + memcpy(wildname, filtername, len + 1); /* copy \0 */ period = wildcard + (period - filtername); while (period) { *period = '\0'; -- 2.50.1