diff options
author | Daniel Stenberg <daniel@haxx.se> | 2000-11-21 19:01:53 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2000-11-21 19:01:53 +0000 |
commit | b734bc37eb683451fb68a04466c3da8a54597fdf (patch) | |
tree | 6940ecf1db16f074eadf9d67d445c356ff07b45b /lib/escape.c | |
parent | 2c123051bbbb4997ec53ec6cc8329e51548f82f7 (diff) | |
download | curl-b734bc37eb683451fb68a04466c3da8a54597fdf.tar.gz |
curl_unescape() did not stop at the set length properly when %-codes were
used
Diffstat (limited to 'lib/escape.c')
-rw-r--r-- | lib/escape.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/escape.c b/lib/escape.c index 048fd0f99..74d8deea8 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -100,7 +100,7 @@ char *curl_unescape(char *string, int length) the "query part" where '+' should become ' '. RFC 2316, section 3.10 */ - while(--alloc) { + while(--alloc > 0) { in = *string; if(querypart && ('+' == in)) in = ' '; @@ -113,6 +113,7 @@ char *curl_unescape(char *string, int length) if(sscanf(string+1, "%02X", &hex)) { in = hex; string+=2; + alloc-=2; } } |