diff options
author | Yasuo Ohgaki <yohgaki@php.net> | 2013-08-11 06:43:37 +0900 |
---|---|---|
committer | Yasuo Ohgaki <yohgaki@php.net> | 2013-08-11 06:43:37 +0900 |
commit | 2df95b135477965832ec9214eb8d58607f734c94 (patch) | |
tree | d1f3d85b06b710f50ebedb3f2ed40a432f1c784e | |
parent | 9d95a1a7d13678b5a82d7b341e3c06b651a98fe9 (diff) | |
parent | 0ad81ac18a72c0bc2d9dae180950f47a09994e35 (diff) | |
download | php-git-2df95b135477965832ec9214eb8d58607f734c94.tar.gz |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fixed possible buffer overflow under Windows. Note: Not a security fix.
-rw-r--r-- | ext/session/session.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ext/session/session.c b/ext/session/session.c index 686e938af6..5fdb42b04b 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -346,7 +346,7 @@ PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ unsigned char rbuf[2048]; size_t toread = PS(entropy_length); - if (php_win32_get_random_bytes(rbuf, (size_t) toread) == SUCCESS){ + if (php_win32_get_random_bytes(rbuf, MIN(toread, sizeof(rbuf))) == SUCCESS){ switch (PS(hash_func)) { case PS_HASH_FUNC_MD5: |