aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/formdata.c24
1 files changed, 11 insertions, 13 deletions
diff --git a/lib/formdata.c b/lib/formdata.c
index 5e961440a..46dd454fa 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -128,11 +128,8 @@ Content-Disposition: form-data; name="FILECONTENT"
#include "memdebug.h"
#endif
-/* Length of the random boundary string. The risk of this being used
- in binary data is very close to zero, 64^32 makes
- 6277101735386680763835789423207666416102355444464034512896
- combinations... */
-#define BOUNDARY_LENGTH 32
+/* Length of the random boundary string. */
+#define BOUNDARY_LENGTH 40
/* What kind of Content-Type to use on un-specified files with unrecognized
extensions. */
@@ -1049,22 +1046,23 @@ char *Curl_FormBoundary(void)
the same form won't be identical */
int i;
- static char table62[]=
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+ static char table16[]="abcdef0123456789";
- retstring = (char *)malloc(BOUNDARY_LENGTH);
+ retstring = (char *)malloc(BOUNDARY_LENGTH+1);
if(!retstring)
return NULL; /* failed */
srand(time(NULL)+randomizer++); /* seed */
- strcpy(retstring, "curl"); /* bonus commercials 8*) */
+ strcpy(retstring, "----------------------------");
- for(i=4; i<(BOUNDARY_LENGTH-1); i++) {
- retstring[i] = table62[rand()%62];
- }
- retstring[BOUNDARY_LENGTH-1]=0; /* zero terminate */
+ for(i=strlen(retstring); i<BOUNDARY_LENGTH; i++)
+ retstring[i] = table16[rand()%16];
+
+ /* 28 dashes and 12 hexadecimal digits makes 12^16 (184884258895036416)
+ combinations */
+ retstring[BOUNDARY_LENGTH]=0; /* zero terminate */
return retstring;
}