curl: don't pass semicolons when parsing Content-Disposition

Test 1422 updated to verify.

Closes #1964

2 files changed, 7 insertions, 10 deletions

diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index bb982d2e4..7f2181f40 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -161,8 +161,13 @@ static char *parse_filename(const char *ptr, size_t len)
   else
     stop = ';';
 
+  /* scan for the end letter and stop there */
+  q = strchr(p, stop);
+  if(q)
+    *q = '\0';
+
   /* if the filename contains a path, only use filename portion */
-  q = strrchr(copy, '/');
+  q = strrchr(p, '/');
   if(q) {
     p = q + 1;
     if(!*p) {
@@ -183,14 +188,6 @@ static char *parse_filename(const char *ptr, size_t len)
     }
   }
 
-  /* scan for the end letter and stop there */
-  for(q = p; *q; ++q) {
-    if(*q == stop) {
-      *q = '\0';
-      break;
-    }
-  }
-
   /* make sure the file name doesn't end in \r or \n */
   q = strchr(p, '\r');
   if(q)
diff --git a/tests/data/test1422 b/tests/data/test1422
index 9b436cc4e..df9d750dd 100644
--- a/tests/data/test1422
+++ b/tests/data/test1422
@@ -16,7 +16,7 @@ Server: test-server/fake
 Content-Length: 0

 Connection: close

 Content-Type: text/html

-Content-Disposition: filename=name1422; charset=funny; option=strange

+Content-Disposition: filename=name1422; charset=funny; option=str//nge

 

 </data>
 </reply>