diff options
author | Daniel Stenberg <daniel@haxx.se> | 2020-05-25 15:38:36 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-05-25 23:08:57 +0200 |
commit | ad829b21ae9e0f11a821a0a98a1aaab161efa9a2 (patch) | |
tree | 43914a76da27ebdeae8863653f9012d27c242036 /lib/escape.c | |
parent | 96f52abf809fc3f20eaa5ee9e4a4382e85520876 (diff) |
url: accept "any length" credentials for proxy auth
They're only limited to the maximum string input restrictions, not to
256 bytes.
Added test 1178 to verify
Reported-by: Will Roberts
Fixes #5448
Closes #5449
Diffstat (limited to 'lib/escape.c')
-rw-r--r-- | lib/escape.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/escape.c b/lib/escape.c index 97352a91d..f3c558ed0 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -134,12 +134,17 @@ CURLcode Curl_urldecode(struct Curl_easy *data, char **ostring, size_t *olen, bool reject_ctrl) { - size_t alloc = (length?length:strlen(string)) + 1; - char *ns = malloc(alloc); + size_t alloc; + char *ns; size_t strindex = 0; unsigned long hex; CURLcode result = CURLE_OK; + DEBUGASSERT(string); + + alloc = (length?length:strlen(string)) + 1; + ns = malloc(alloc); + if(!ns) return CURLE_OUT_OF_MEMORY; |