]> granicus.if.org Git - curl/commit
projects / curl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f74baaf) | patch
formpost: avoid silent snprintf() truncation
authorDaniel Stenberg <daniel@haxx.se>
Sat, 8 Oct 2016 10:50:42 +0000 (12:50 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Sat, 8 Oct 2016 11:00:45 +0000 (13:00 +0200)
commit9885c9508ec757f7f658dab11658e4a3e643a420
tree35af961981ab069167b9d9285a5da3fa10bac7d9tree | snapshot
parentf74baaf3b3c8a4297d40322bf0ea9a6e136a3a73commit | diff
formpost: avoid silent snprintf() truncation

The previous use of snprintf() could make libcurl silently truncate some
input data and not report that back on overly large input, which could
make data get sent over the network in a bad format.

Example:

 $ curl --form 'a=b' -H "Content-Type: $(perl -e 'print "A"x4100')"
lib/formdata.c diff | blob | history
lib/formdata.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.