diff options
author | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:46:56 -0800 |
---|---|---|
committer | Stanislav Malyshev <stas@php.net> | 2015-01-31 21:46:56 -0800 |
commit | b30a6d6018705e0a9d345192eba8125ff854c167 (patch) | |
tree | 1cbc15d27bed94eba883af75ca1652a5e2a9bd5a | |
parent | 2cdbd3537fd9cbbc0e16771a7b63015e2a0ab5f3 (diff) | |
download | php-git-b30a6d6018705e0a9d345192eba8125ff854c167.tar.gz |
Use better constant since MAXHOSTNAMELEN may mean shorter name
-rw-r--r-- | ext/standard/dns.c | 8 | ||||
-rw-r--r-- | ext/standard/tests/network/bug68925.phpt | 4 | ||||
-rw-r--r-- | main/network.c | 6 | ||||
-rw-r--r-- | main/php_network.h | 4 | ||||
-rw-r--r-- | sapi/cgi/fastcgi.c | 6 |
5 files changed, 16 insertions, 12 deletions
diff --git a/ext/standard/dns.c b/ext/standard/dns.c index e21aca4919..7b5dba0eaf 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -222,9 +222,9 @@ PHP_FUNCTION(gethostbyname) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_STRINGL(hostname, hostname_len, 1); } addr = php_gethostbyname(hostname); @@ -247,9 +247,9 @@ PHP_FUNCTION(gethostbynamel) return; } - if(hostname_len > MAXHOSTNAMELEN) { + if(hostname_len > MAXFQDNLEN) { /* name too long, protect from CVE-2015-0235 */ - php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN); + php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN); RETURN_FALSE; } diff --git a/ext/standard/tests/network/bug68925.phpt b/ext/standard/tests/network/bug68925.phpt index e710d72bdf..2638dd331d 100644 --- a/ext/standard/tests/network/bug68925.phpt +++ b/ext/standard/tests/network/bug68925.phpt @@ -6,8 +6,8 @@ var_dump(gethostbyname(str_repeat("0", 2501))); var_dump(gethostbynamel(str_repeat("0", 2501))); ?> --EXPECTF-- -Warning: gethostbyname(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbyname(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d string(2501) "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -Warning: gethostbynamel(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbynamel(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d bool(false) diff --git a/main/network.c b/main/network.c index 41b2cfa0ba..1845998807 100644 --- a/main/network.c +++ b/main/network.c @@ -103,10 +103,6 @@ const struct in6_addr in6addr_any = {0}; /* IN6ADDR_ANY_INIT; */ # define PHP_TIMEOUT_ERROR_VALUE ETIMEDOUT #endif -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 255 -#endif - #if HAVE_GETADDRINFO #ifdef HAVE_GAI_STRERROR # define PHP_GAI_STRERROR(x) (gai_strerror(x)) @@ -248,7 +244,7 @@ PHPAPI int php_network_getaddresses(const char *host, int socktype, struct socka #else if (!inet_aton(host, &in)) { /* XXX NOT THREAD SAFE (is safe under win32) */ - if(strlen(host) > MAXHOSTNAMELEN) { + if(strlen(host) > MAXFQDNLEN) { host_info = NULL; errno = E2BIG; } else { diff --git a/main/php_network.h b/main/php_network.h index dd28f161aa..35503b7172 100644 --- a/main/php_network.h +++ b/main/php_network.h @@ -311,6 +311,10 @@ END_EXTERN_C() /* }}} */ +#ifndef MAXFQDNLEN +#define MAXFQDNLEN 255 +#endif + #endif /* _PHP_NETWORK_H */ /* diff --git a/sapi/cgi/fastcgi.c b/sapi/cgi/fastcgi.c index 4c6ea4c0a3..53e3202d9a 100644 --- a/sapi/cgi/fastcgi.c +++ b/sapi/cgi/fastcgi.c @@ -27,6 +27,10 @@ #include <stdarg.h> #include <errno.h> +#ifndef MAXFQDNLEN +#define MAXFQDNLEN 255 +#endif + #ifdef _WIN32 #include <windows.h> @@ -611,7 +615,7 @@ int fcgi_listen(const char *path, int backlog) if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) { struct hostent *hep; - if(strlen(host) > MAXHOSTNAMELEN) { + if(strlen(host) > MAXFQDNLEN) { hep = NULL; } else { hep = gethostbyname(host); |