From c454d7f3f433954bcc8300b2a8dd7d9ed0a80d2f Mon Sep 17 00:00:00 2001 From: Omar Ramadan Date: Sat, 18 May 2019 16:48:00 -0700 Subject: urlapi: increase supported scheme length to 40 bytes The longest currently registered URI scheme at IANA is 36 bytes long. Closes #3905 Closes #3900 --- lib/urlapi.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lib/urlapi.c') diff --git a/lib/urlapi.c b/lib/urlapi.c index 3fef2fcf7..d07e4f5df 100644 --- a/lib/urlapi.c +++ b/lib/urlapi.c @@ -652,7 +652,7 @@ static CURLUcode seturl(const char *url, CURLU *u, unsigned int flags) char *fragment = NULL; CURLUcode result; bool url_has_scheme = FALSE; - char schemebuf[MAX_SCHEME_LEN]; + char schemebuf[MAX_SCHEME_LEN + 1]; char *schemep = NULL; size_t schemelen = 0; size_t urllen; @@ -1217,6 +1217,9 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what, switch(what) { case CURLUPART_SCHEME: + if(strlen(part) > MAX_SCHEME_LEN) + /* too long */ + return CURLUE_MALFORMED_INPUT; if(!(flags & CURLU_NON_SUPPORT_SCHEME) && /* verify that it is a fine scheme */ !Curl_builtin_scheme(part)) @@ -1279,7 +1282,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what, char *redired_url; CURLU *handle2; - if(Curl_is_absolute_url(part, NULL, MAX_SCHEME_LEN)) { + if(Curl_is_absolute_url(part, NULL, MAX_SCHEME_LEN + 1)) { handle2 = curl_url(); if(!handle2) return CURLUE_OUT_OF_MEMORY; -- cgit v1.2.3