diff options
author | Daniel Stenberg <daniel@haxx.se> | 2017-05-09 09:08:25 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2017-05-09 09:08:25 +0200 |
commit | 158d7016419429e7741ec35d0d6e256985762347 (patch) | |
tree | 161844e375cf52fc8528a8385c0fa67bde49a5ca | |
parent | 2f6bfd54997904457991fd6897ddbc309d3292ad (diff) | |
download | curl-158d7016419429e7741ec35d0d6e256985762347.tar.gz |
formboundary: convert assert into run-time check
... to really make sure the boundary fits in the target buffer.
Fixes unused parameter 'buflen' warning.
Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
-rw-r--r-- | lib/formdata.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/formdata.c b/lib/formdata.c index 4c3cf203c..f8a93d594 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -1557,7 +1557,8 @@ static CURLcode formboundary(struct Curl_easy *data, { /* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615) combinations */ - DEBUGASSERT(buflen >= 41); + if(buflen < 41) + return CURLE_BAD_FUNCTION_ARGUMENT; memset(buffer, '-', 24); Curl_rand_hex(data, (unsigned char *)&buffer[24], 17); |