diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-10-03 18:23:22 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-31 08:46:35 +0100 |
commit | 269a88910436d730ac212f4dc01cbe6961338061 (patch) | |
tree | b98ac3f02f6e2ddd833105c3ea2de7e26c007b2a /src | |
parent | fbb5f1aa0326d485d5a7ac643b48481897ca667f (diff) |
glob_next_url: make sure to stay within the given output buffer
Diffstat (limited to 'src')
-rw-r--r-- | src/tool_urlglob.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index 64c75ba4f..c45a78b21 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -431,6 +431,7 @@ CURLcode glob_url(URLGlob** glob, char* url, unsigned long *urlnum, glob_buffer = malloc(strlen(url) + 1); if(!glob_buffer) return CURLE_OUT_OF_MEMORY; + glob_buffer[0]=0; glob_expand = calloc(1, sizeof(URLGlob)); if(!glob_expand) { @@ -548,20 +549,25 @@ CURLcode glob_next_url(char **globbed, URLGlob *glob) switch(pat->type) { case UPTSet: if(pat->content.Set.elements) { - len = strlen(pat->content.Set.elements[pat->content.Set.ptr_s]); snprintf(buf, buflen, "%s", pat->content.Set.elements[pat->content.Set.ptr_s]); + len = strlen(buf); buf += len; buflen -= len; } break; case UPTCharRange: - *buf++ = pat->content.CharRange.ptr_c; + if(buflen) { + *buf++ = pat->content.CharRange.ptr_c; + *buf = '\0'; + buflen--; + } break; case UPTNumRange: - len = snprintf(buf, buflen, "%0*ld", - pat->content.NumRange.padlength, - pat->content.NumRange.ptr_n); + snprintf(buf, buflen, "%0*ld", + pat->content.NumRange.padlength, + pat->content.NumRange.ptr_n); + len = strlen(buf); buf += len; buflen -= len; break; @@ -570,7 +576,6 @@ CURLcode glob_next_url(char **globbed, URLGlob *glob) return CURLE_FAILED_INIT; } } - *buf = '\0'; *globbed = strdup(glob->glob_buffer); if(!*globbed) |