
Revert previous commit that caused a buffer overflow (Bug #40634)

experimental/5.2-WITH_DRCP
Ilia Alshanetsky 19 years ago
parent
commit
58c167168d
  1. 7
      ext/standard/head.c

7
ext/standard/head.c

@ -94,6 +94,9 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
if (domain) {
len += domain_len;
}
cookie = emalloc(len + 100);
if (value && value_len == 0) {
/*
* MSIE doesn't delete a cookie when you set it to a null value
@ -102,10 +105,10 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
*/
time_t t = time(NULL) - 31536001;
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, t, 0 TSRMLS_CC);
spprintf(&cookie, 0, "Set-Cookie: %s=deleted; expires=%s", name, dt);
snprintf(cookie, len + 100, "Set-Cookie: %s=deleted; expires=%s", name, dt);
efree(dt);
} else {
spprintf(&cookie, 0, "Set-Cookie: %s=%s", name, value ? encoded_value : "");
snprintf(cookie, len + 100, "Set-Cookie: %s=%s", name, value ? encoded_value : "");
if (expires > 0) {
strlcat(cookie, "; expires=", len + 100);
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC);
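Review bot: The buffer capacity `len + 100` is written out separately in the `emalloc`, in both `snprintf` calls and in the `strlcat` call, so nothing ties the bound passed to the string functions to the size actually allocated; the overflow named in the commit title is presumably what happens when the two drift apart. Hold the capacity in one local, e.g. `cookie_size = len + 100;`, and pass `cookie_size` to all four calls. The return values of `snprintf` and `strlcat` are also ignored, so a header that does not fit in the 100-byte slack (the `php_format_date` string is not added to `len` in the visible lines) is silently truncated instead of being rejected. `php_setcookie` starts and ends outside these hunks, so how `len` is computed and whether `name` is validated before it is written into the header cannot be checked from here.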
