summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjvoisin2026-04-24 12:14:01 +0200
committerjvoisin2026-04-24 12:14:01 +0200
commit314b10154495b91eca684124275407b8186bb762 (patch)
tree7338a0d512e2ca3062cb88135473ed783b642a9f /src
parent36179282f5f52a7e54be34964b4afd4fd0194e4f (diff)
Fix an spprintf undefined behaviour
`getenv("REMOTE_ADDR")` can return NULL, and it is passed directly to `spprintf`. While `spprintf` might handle `NULL` gracefully, it's not always the case.
Diffstat (limited to 'src')
-rw-r--r--src/sp_upload_validation.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c
index 4ac4992..e24149e 100644
--- a/src/sp_upload_validation.c
+++ b/src/sp_upload_validation.c
@@ -54,8 +54,9 @@ static int sp_rfc1867_callback(unsigned int event, void *event_data, void **extr
54 cmd[1] = tmp_name; 54 cmd[1] = tmp_name;
55 cmd[2] = NULL; 55 cmd[2] = NULL;
56 56
57 const char *remote_addr = getenv("REMOTE_ADDR");
57 spprintf(&env[0], 0, "SP_FILENAME=%s", filename); 58 spprintf(&env[0], 0, "SP_FILENAME=%s", filename);
58 spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", getenv("REMOTE_ADDR")); 59 spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", remote_addr ? remote_addr : "");
59 spprintf(&env[2], 0, "SP_CURRENT_FILE=%s", zend_get_executed_filename(TSRMLS_C)); 60 spprintf(&env[2], 0, "SP_CURRENT_FILE=%s", zend_get_executed_filename(TSRMLS_C));
60 spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize); 61 spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize);
61 env[4] = NULL; 62 env[4] = NULL;