From 4107cb2eda7ceba776363bbbad4abf9dec32c075 Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Sun, 9 Jun 2024 19:41:16 +0200 Subject: [PATCH] phpdbg: change uses of sprintf into snprintf --- sapi/phpdbg/phpdbg.c | 5 +++-- sapi/phpdbg/phpdbg_utils.c | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index 29a37077503..9811f750b0f 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -1672,9 +1672,10 @@ phpdbg_out: if (PHPDBG_G(exec) && strcmp("Standard input code", PHPDBG_G(exec)) == SUCCESS) { /* i.e. execution context has been read from stdin - back it up */ phpdbg_file_source *data = zend_hash_str_find_ptr(&PHPDBG_G(file_sources), PHPDBG_G(exec), PHPDBG_G(exec_len)); - backup_phpdbg_compile = zend_string_alloc(data->len + 2, 1); + size_t size = data->len + 2; + backup_phpdbg_compile = zend_string_alloc(size, 1); GC_MAKE_PERSISTENT_LOCAL(backup_phpdbg_compile); - sprintf(ZSTR_VAL(backup_phpdbg_compile), "?>%.*s", (int) data->len, data->buf); + snprintf(ZSTR_VAL(backup_phpdbg_compile), size + 1, "?>%.*s", (int) data->len, data->buf); } zend_try { diff --git a/sapi/phpdbg/phpdbg_utils.c b/sapi/phpdbg/phpdbg_utils.c index 964d82ef6c8..329ee9a8830 100644 --- a/sapi/phpdbg/phpdbg_utils.c +++ b/sapi/phpdbg/phpdbg_utils.c @@ -503,8 +503,9 @@ PHPDBG_API int phpdbg_parse_variable_with_arg(char *input, size_t len, HashTable keylen = spprintf(&key, 0, ZEND_ULONG_FMT, numkey); } propkey = phpdbg_get_property_key(key); - name = emalloc(i + keylen + 2); - namelen = sprintf(name, "%.*s%.*s%s", (int) i, input, (int) (keylen - (propkey - key)), propkey, input[len - 1] == ']'?"]":""); + namelen = i + keylen + 2; + name = emalloc(namelen); + namelen = snprintf(name, namelen, "%.*s%.*s%s", (int) i, input, (int) (keylen - (propkey - key)), propkey, input[len - 1] == ']'?"]":""); if (!strkey) { efree(key); }