php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

main/streams: Remove questionable use of PHP_STRLCPY

Browse Source 
The description of PHP_STRLCPY says that this is a fast version of strlcpy that should be used if we *know* the size of both the source and destination buffers.
This is clearly not the case as we use strlen() to compute it.
Moreover if the result cannot fit in the destination buffer something seriously strange has happened and we should return a failure state rather than truncating.
This commit is contained in:
Gina Peter Banyard
2025-01-02 13:29:40 +00:00
parent f55d6cc110
commit 0fe3a91494
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
main/streams/plain_wrapper.c
View File

@@ -1028,7 +1028,12 @@ static ssize_t php_plain_files_dirstream_read(php_stream *stream, char *buf, siz
result = readdir(dir);
if (result) {
PHP_STRLCPY(ent->d_name, result->d_name, sizeof(ent->d_name), strlen(result->d_name));
size_t len = strlen(result->d_name);
if (UNEXPECTED(len >= sizeof(ent->d_name))) {
return -1;
}
/* Include null byte */
memcpy(ent->d_name, result->d_name, len+1);
#ifdef _DIRENT_HAVE_D_TYPE
ent->d_type = result->d_type;
#else