PHP :: Bug #63228

Return to Bug #63228
Patch printf-format.patch	revision 2012-10-06 11:11 UTC by glen at delfi dot ee

Patch printf-format.patch for Compile Failure Bug #63228

Patch version 2012-10-06 11:11 UTC

Return to Bug #63228 | Download this patch
Patch Revisions:

2012-10-06 11:11 UTC [diff to current]

Developer: glen@delfi.ee

fix printf format possible vulnreability

probably puts or fwrite would be better code here if no printf formatting is needed

Signed-Off-By: Elan Ruusamäe <glen@delfi.ee>
--- php-5.4.7/sapi/litespeed/lsapi_main.c~	2012-10-05 22:18:46.000000000 +0300
+++ php-5.4.7/sapi/litespeed/lsapi_main.c	2012-10-06 13:18:16.356066962 +0300
@@ -603,7 +603,7 @@
         "  args...    Arguments passed to script.\n";
     php_output_startup();
     php_output_activate(TSRMLS_C);
-    php_printf( usage );
+    php_printf( "%s", usage );
 #ifdef PHP_OUTPUT_NEWAPI
     php_output_end_all(TSRMLS_C);
 #else

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 26 12:01:30 2024 UTC