summaryrefslogtreecommitdiff
path: root/lib/formdata.c
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2017-05-09 09:08:25 +0200
committerDaniel Stenberg <daniel@haxx.se>2017-05-09 09:08:25 +0200
commit158d7016419429e7741ec35d0d6e256985762347 (patch)
tree161844e375cf52fc8528a8385c0fa67bde49a5ca /lib/formdata.c
parent2f6bfd54997904457991fd6897ddbc309d3292ad (diff)
downloadcurl-158d7016419429e7741ec35d0d6e256985762347.tar.gz
formboundary: convert assert into run-time check
... to really make sure the boundary fits in the target buffer. Fixes unused parameter 'buflen' warning. Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
Diffstat (limited to 'lib/formdata.c')
-rw-r--r--lib/formdata.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/formdata.c b/lib/formdata.c
index 4c3cf203c..f8a93d594 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -1557,7 +1557,8 @@ static CURLcode formboundary(struct Curl_easy *data,
{
/* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615)
combinations */
- DEBUGASSERT(buflen >= 41);
+ if(buflen < 41)
+ return CURLE_BAD_FUNCTION_ARGUMENT;
memset(buffer, '-', 24);
Curl_rand_hex(data, (unsigned char *)&buffer[24], 17);