openssl: change uses of sprintf into snprintf and zend_string_concat2

nielsdos · nielsdos · commit 5fffdaa4195d · 2024-06-14T08:12:03.000-07:00
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -1641,9 +1641,7 @@ PHP_FUNCTION(openssl_spki_new)
 		goto cleanup;
 	}
 
-	s = zend_string_alloc(strlen(spkac) + strlen(spkstr), 0);
-	sprintf(ZSTR_VAL(s), "%s%s", spkac, spkstr);
-	ZSTR_LEN(s) = strlen(ZSTR_VAL(s));
+	s = zend_string_concat2(spkac, strlen(spkac), spkstr, strlen(spkstr));
 	OPENSSL_free(spkstr);
 
 	RETVAL_STR(s);
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
@@ -498,7 +498,7 @@ static bool php_openssl_matches_san_list(X509 *peer, const char *subject_name) /
 			OPENSSL_free(cert_name);
 		} else if (san->type == GEN_IPADD) {
 			if (san->d.iPAddress->length == 4) {
-				sprintf(ipbuffer, "%d.%d.%d.%d",
+				snprintf(ipbuffer, sizeof(ipbuffer), "%d.%d.%d.%d",
 					san->d.iPAddress->data[0],
 					san->d.iPAddress->data[1],
 					san->d.iPAddress->data[2],

Original file line number	Diff line number	Diff line change
`@@ -1641,9 +1641,7 @@ PHP_FUNCTION(openssl_spki_new)`
`1641`	`1641`	`goto cleanup;`
`1642`	`1642`	`}`
`1643`	`1643`
`1644`		`- s = zend_string_alloc(strlen(spkac) + strlen(spkstr), 0);`
`1645`		`- sprintf(ZSTR_VAL(s), "%s%s", spkac, spkstr);`
`1646`		`- ZSTR_LEN(s) = strlen(ZSTR_VAL(s));`
	`1644`	`+ s = zend_string_concat2(spkac, strlen(spkac), spkstr, strlen(spkstr));`
`1647`	`1645`	`OPENSSL_free(spkstr);`
`1648`	`1646`
`1649`	`1647`	`RETVAL_STR(s);`