diff options
| author | Curl Upstream <curl-library@cool.haxx.se> | 2016-11-02 06:34:06 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2016-12-05 16:39:32 (GMT) |
| commit | 93cc249f3dd7ecd621cd063e4c08bbdb54d971e8 (patch) | |
| tree | 4cd65530c3a67921921256010ae5ef0a61596e40 /lib/escape.c | |
| parent | 202adcfe056681109fe61569ecdb3bd69f0b4f97 (diff) | |
| download | CMake-93cc249f3dd7ecd621cd063e4c08bbdb54d971e8.zip CMake-93cc249f3dd7ecd621cd063e4c08bbdb54d971e8.tar.gz CMake-93cc249f3dd7ecd621cd063e4c08bbdb54d971e8.tar.bz2 | |
curl 2016-11-02 (3c561c65)
Code extracted from:
https://github.com/curl/curl.git
at commit 3c561c657c2f0e553b19115a506592a8bbd744bc (curl-7_51_0).
Diffstat (limited to 'lib/escape.c')
| -rw-r--r-- | lib/escape.c | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/lib/escape.c b/lib/escape.c index 04230b4..6657007 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -78,15 +78,21 @@ char *curl_unescape(const char *string, int length) char *curl_easy_escape(struct Curl_easy *data, const char *string, int inlength) { - size_t alloc = (inlength?(size_t)inlength:strlen(string))+1; + size_t alloc; char *ns; char *testing_ptr = NULL; unsigned char in; /* we need to treat the characters unsigned */ - size_t newlen = alloc; + size_t newlen; size_t strindex=0; size_t length; CURLcode result; + if(inlength < 0) + return NULL; + + alloc = (inlength?(size_t)inlength:strlen(string))+1; + newlen = alloc; + ns = malloc(alloc); if(!ns) return NULL; @@ -211,14 +217,22 @@ char *curl_easy_unescape(struct Curl_easy *data, const char *string, int length, int *olen) { char *str = NULL; - size_t inputlen = length; - size_t outputlen; - CURLcode res = Curl_urldecode(data, string, inputlen, &str, &outputlen, - FALSE); - if(res) - return NULL; - if(olen) - *olen = curlx_uztosi(outputlen); + if(length >= 0) { + size_t inputlen = length; + size_t outputlen; + CURLcode res = Curl_urldecode(data, string, inputlen, &str, &outputlen, + FALSE); + if(res) + return NULL; + + if(olen) { + if(outputlen <= (size_t) INT_MAX) + *olen = curlx_uztosi(outputlen); + else + /* too large to return in an int, fail! */ + Curl_safefree(str); + } + } return str; } |