From 6426d1c9ce06969fd18e81949e18ee76fa27da1c Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev
Date: Fri, 8 Sep 2000 12:32:29 +0000
Subject: [PATCH] Fix crash on very long error messages Manual for snprintf says: If the output was truncated, the return value is -1, oth- erwise it is the number of characters stored, not includ- ing the terminating null. And that's a blatant lie - in reality, libc 2.1 always returns number of characters that _would be_ stored. I hate those libc bugs. Now we should go and check every place we trusted snprintf return value.
---
 main/main.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/main/main.c b/main/main.c
index 50dffa369b..43dd9e6886 100644
--- a/main/main.c
+++ b/main/main.c
@@ -334,6 +334,9 @@ static void php_error_cb(int type, const char *error_filename, const uint error_
 buffer_len = vsnprintf(buffer, sizeof(buffer)-1, format, args);
 buffer[sizeof(buffer)-1]=0;
+ if(buffer_len > sizeof(buffer) - 1 || buffer_len < 0) {
+ buffer_len = sizeof(buffer) - 1;
+ }
 /* display/log the error if necessary */
 if ((EG(error_reporting) & type || (type & E_CORE))
--
2.50.1
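Review bot: The clamp sets `buffer_len` to `sizeof(buffer) - 1`, but vsnprintf was passed `sizeof(buffer)-1` as its size, so after truncation the text is at most `sizeof(buffer) - 2` bytes and the clamped length counts the terminator as data. On the `buffer_len < 0` branch the call may not have filled the buffer at all, so a later consumer that copies `buffer_len` bytes could emit stale stack contents; whether such a consumer exists is outside this hunk, as is the rest of php_error_cb. Because the preceding line already forces termination, `buffer_len = strlen(buffer);` inside the branch would bound the length by what is actually in the string. The condition also compares a presumably signed `buffer_len` (its declaration is not visible here) against a `size_t`, so the negative case is caught only through conversion to unsigned; testing `buffer_len < 0` first, or casting explicitly, would make that intent clear.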