Secure versions of string functions don't exist for VC6

2024-11-24 02:15:04 +08:00 · 2008-07-28 16:43:51 +00:00 · 2008-07-28 16:43:51 +00:00 · 49aa0feaae
commit 49aa0feaae
parent d4b0beb322
1 changed files with 8 additions and 1 deletions
--- a/ext/standard/php_crypt_r.c
+++ b/ext/standard/php_crypt_r.c
@ -204,11 +204,18 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {

 	memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN);

+#ifdef strncpy_s
 	if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
 		goto _destroyCtx1;
 	}
 	strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
-
+#else
+	/* VC6 version doesn't have strcat_s or strncpy_s */
+	if (strncpy(passwd + MD5_MAGIC_LEN, sp, sl + 1) != 0) {
+		goto _destroyCtx1;
+	}
+	strcat(passwd, "$");
+#endif
 	dwHashLen = 16;

 	/* Fetch the ctx hash value */