diff options
Diffstat (limited to 'lib/formdata.c')
-rw-r--r-- | lib/formdata.c | 77 |
1 files changed, 26 insertions, 51 deletions
diff --git a/lib/formdata.c b/lib/formdata.c index aa5a79ac1..cbef51171 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -21,6 +21,7 @@ ***************************************************************************/ #include "setup.h" + #include <curl/curl.h> /* Length of the random boundary string. */ @@ -28,14 +29,10 @@ #if !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY) -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <stdarg.h> -#include <time.h> #if defined(HAVE_LIBGEN_H) && defined(HAVE_BASENAME) #include <libgen.h> #endif + #include "urldata.h" /* for struct SessionHandle */ #include "formdata.h" #include "curl_rand.h" @@ -462,7 +459,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, if(current_form->flags & HTTPPOST_FILENAME) { if(filename) { if((current_form = AddFormInfo(strdup(filename), - NULL, current_form)) == NULL) + NULL, current_form)) == NULL) return_value = CURL_FORMADD_MEMORY; } else @@ -487,46 +484,18 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, break; } - case CURLFORM_BUFFER: - { - const char *filename = array_state?array_value: - va_arg(params, char *); - - if(current_form->value) { - if(current_form->flags & HTTPPOST_BUFFER) { - if(filename) { - if((current_form = AddFormInfo(strdup(filename), - NULL, current_form)) == NULL) - return_value = CURL_FORMADD_MEMORY; - } - else - return_value = CURL_FORMADD_NULL; - } - else - return_value = CURL_FORMADD_OPTION_TWICE; - } - else { - if(filename) { - current_form->value = strdup(filename); - if(!current_form->value) - return_value = CURL_FORMADD_MEMORY; - } - else - return_value = CURL_FORMADD_NULL; - current_form->flags |= HTTPPOST_BUFFER; - } - break; - } - case CURLFORM_BUFFERPTR: - current_form->flags |= HTTPPOST_PTRBUFFER; + current_form->flags |= HTTPPOST_PTRBUFFER|HTTPPOST_BUFFER; if(current_form->buffer) return_value = CURL_FORMADD_OPTION_TWICE; else { char *buffer = array_state?array_value:va_arg(params, char *); - if(buffer) + if(buffer) { current_form->buffer = buffer; /* store for the moment */ + current_form->value = buffer; /* make it non-NULL to be accepted + as fine */ + } else return_value = CURL_FORMADD_NULL; } @@ -567,8 +536,8 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, if(current_form->flags & HTTPPOST_FILENAME) { if(contenttype) { if((current_form = AddFormInfo(NULL, - strdup(contenttype), - current_form)) == NULL) + strdup(contenttype), + current_form)) == NULL) return_value = CURL_FORMADD_MEMORY; } else @@ -606,6 +575,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, break; } case CURLFORM_FILENAME: + case CURLFORM_BUFFER: { const char *filename = array_state?array_value: va_arg(params, char *); @@ -622,6 +592,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, } default: return_value = CURL_FORMADD_UNKNOWN_OPTION; + break; } } @@ -884,10 +855,11 @@ int curl_formget(struct curl_httppost *form, void *arg, do { nread = readfromfile(&temp, buffer, sizeof(buffer)); - if((nread == (size_t) -1) || (nread != append(arg, buffer, nread))) { - if(temp.fp) { + if((nread == (size_t) -1) || + (nread > sizeof(buffer)) || + (nread != append(arg, buffer, nread))) { + if(temp.fp) fclose(temp.fp); - } Curl_formclean(&data); return -1; } @@ -925,7 +897,8 @@ void curl_formfree(struct curl_httppost *form) if(!(form->flags & HTTPPOST_PTRNAME) && form->name) free(form->name); /* free the name */ - if(!(form->flags & (HTTPPOST_PTRCONTENTS|HTTPPOST_CALLBACK)) && + if(!(form->flags & + (HTTPPOST_PTRCONTENTS|HTTPPOST_BUFFER|HTTPPOST_CALLBACK)) && form->contents) free(form->contents); /* free the contents */ if(form->contenttype) @@ -1297,22 +1270,24 @@ int Curl_FormInit(struct Form *form, struct FormData *formdata ) return 0; } +/* + * readfromfile() + * + * The read callback that this function may use can return a value larger than + * 'size' (which then this function returns) that indicates a problem and it + * must be properly dealt with + */ static size_t readfromfile(struct Form *form, char *buffer, size_t size) { size_t nread; - bool callback = (bool)(form->data->type == FORM_CALLBACK); + bool callback = (form->data->type == FORM_CALLBACK)?TRUE:FALSE; if(callback) { if(form->fread_func == ZERO_NULL) return 0; else nread = form->fread_func(buffer, 1, size, form->data->line); - - if(nread > size) - /* the read callback can return a value larger than the buffer but - treat any such as no data in this case */ - nread = 0; } else { if(!form->fp) { |