Skip to content

Commit 4bbb8a0

Browse files
zsuraskizsuraski
committed
Fix a couple of buffer overflows in mcrypt.c
1 parent 48cbbbb commit 4bbb8a0

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

ext/mcrypt/mcrypt.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1251,7 +1251,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo
12511251
else if (count == 1) { /* only m_k_l = OK */
12521252
key_s = emalloc (key_length_sizes[0]);
12531253
memset (key_s, 0, key_length_sizes[0]);
1254-
memcpy (key_s, Z_STRVAL_PP(key), Z_STRLEN_PP(key));
1254+
memcpy (key_s, Z_STRVAL_PP(key), MIN(Z_STRLEN_PP(key), key_length_sizes[0]));
12551255
use_key_length = key_length_sizes[0];
12561256
}
12571257
else { /* derterminating smallest supported key > length of requested key */
@@ -1265,7 +1265,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo
12651265
}
12661266
key_s = emalloc (use_key_length);
12671267
memset (key_s, 0, use_key_length);
1268-
memcpy (key_s, Z_STRVAL_PP(key), Z_STRLEN_PP(key));
1268+
memcpy (key_s, Z_STRVAL_PP(key), MIN(Z_STRLEN_PP(key), use_key_length));
12691269
}
12701270
mcrypt_free (key_length_sizes);
12711271

0 commit comments

Comments
 (0)