Jim Drash suggested and I made it not encode what looks like an already

encoded letter (in curl_escape)

1 files changed, 22 insertions, 7 deletions

diff --git a/lib/escape.c b/lib/escape.c
index f0e67d38f..a753697e5 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -25,6 +25,7 @@
  * allocated string or NULL if an error occurred.  */
 
 #include "setup.h"
+#include <ctype.h>
 #include <curl/curl.h>
 
 #include <stdio.h>
@@ -52,14 +53,28 @@ char *curl_escape(char *string, int length)
             !(in >= 'A' && in <= 'Z') &&
             !(in >= '0' && in <= '9')) {
       /* encode it */
-      newlen += 2; /* the size grows with two, since this'll become a %XX */
-      if(newlen > alloc) {
-        alloc *= 2;
-        ns = realloc(ns, alloc);
-        if(!ns)
-          return NULL;
+      if(('%' == in) &&
+         (length>=2) &&
+         isxdigit((int)string[1]) &&
+         isxdigit((int)string[2]) ) {
+        /*
+         * This is an already encoded letter, leave it!
+         */
+        memcpy(&ns[index], string, 3);
+        string+=2;
+      }
+      else {
+        /* encode this now */
+
+        newlen += 2; /* the size grows with two, since this'll become a %XX */
+        if(newlen > alloc) {
+          alloc *= 2;
+          ns = realloc(ns, alloc);
+          if(!ns)
+            return NULL;
+        }
+        sprintf(&ns[index], "%%%02X", in);
       }
-      sprintf(&ns[index], "%%%02X", in);
       index+=3;
     }
     else {