From 9885c9508ec757f7f658dab11658e4a3e643a420 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 8 Oct 2016 12:50:42 +0200
Subject: formpost: avoid silent snprintf() truncation

The previous use of snprintf() could make libcurl silently truncate some
input data and not report that back on overly large input, which could
make data get sent over the network in a bad format.

Example:

 $ curl --form 'a=b' -H "Content-Type: $(perl -e 'print "A"x4100')"
---
 lib/formdata.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/formdata.h')

diff --git a/lib/formdata.h b/lib/formdata.h
index 6eb7c6c9e..200470b50 100644
--- a/lib/formdata.h
+++ b/lib/formdata.h
@@ -23,6 +23,7 @@
  ***************************************************************************/
 
 enum formtype {
+  FORM_DATAMEM, /* already allocated FORM_DATA memory */
   FORM_DATA,    /* form metadata (convert to network encoding if necessary) */
   FORM_CONTENT, /* form content  (never convert) */
   FORM_CALLBACK, /* 'line' points to the custom pointer we pass to the callback
-- 
cgit v1.2.3