Secure versions of string functions don't exist for VC6

php · Jul 28, 2008 · 49aa0fe · 49aa0fe
1 parent d4b0beb
commit 49aa0fe
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
@@ -204,11 +204,18 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
 
 	memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN);
 
+#ifdef strncpy_s
 	if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
 		goto _destroyCtx1;
 	}
 	strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
-
+#else
+	/* VC6 version doesn't have strcat_s or strncpy_s */
+	if (strncpy(passwd + MD5_MAGIC_LEN, sp, sl + 1) != 0) {
+		goto _destroyCtx1;
+	}
+	strcat(passwd, "$");
+#endif
 	dwHashLen = 16;
 
 	/* Fetch the ctx hash value */