From 4acff8f37f59bded8e613cccf474c1576a8334b4 Mon Sep 17 00:00:00 2001
From: Zeev Suraski <zeev@php.net>
Date: Sat, 9 Sep 2000 15:06:38 +0000
Subject: [PATCH] Don't use unsafe sprintf()

---
 Zend/zend.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Zend/zend.c b/Zend/zend.c
index 8e706b2481..2c2fa082ae 100644
--- a/Zend/zend.c
+++ b/Zend/zend.c
@@ -615,12 +615,13 @@ ZEND_API void zend_error(int type, const char *format, ...)
 
 #ifdef HAVE_VSNPRINTF
 			z_error_message->value.str.len = vsnprintf(z_error_message->value.str.val, ZEND_ERROR_BUFFER_SIZE, format, args);
-			if(z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
+			if (z_error_message->value.str.len > ZEND_ERROR_BUFFER_SIZE-1) {
 				z_error_message->value.str.len = ZEND_ERROR_BUFFER_SIZE-1;
 			}
 #else
+			strncpy(z_error_message->value.str.val, format, ZEND_ERROR_BUFFER_SIZE);
 			/* This is risky... */
-			z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args);
+			/* z_error_message->value.str.len = vsprintf(z_error_message->value.str.val, format, args); */
 #endif
 			z_error_message->type = IS_STRING;
 
-- 
2.50.1