From 0ddc678927eaa127efc457535858c19e791a5339 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 4 Aug 2013 23:27:27 +0200 Subject: formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used The internal function that's used to detect known file extensions for the default Content-Type got the wrong pointer passed in when CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that strlen() would be used which could lead to an out-of-bounds read (and thus segfault). In most cases it would only lead to it not finding or using the correct default content-type. It also showed that test 554 and test 587 were testing for the previous/wrong behavior and now they're updated as well. Bug: http://curl.haxx.se/bug/view.cgi?id=1262 Reported-by: Konstantin Isakov --- tests/data/test554 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/data/test554') diff --git a/tests/data/test554 b/tests/data/test554 index 8c6b762ef..b442230c9 100644 --- a/tests/data/test554 +++ b/tests/data/test554 @@ -45,7 +45,7 @@ s/boundary=------------------------[a-z0-9]*/boundary=-------------------------- POST /554 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* -Content-Length: 732 +Content-Length: 718 Expect: 100-continue Content-Type: multipart/form-data; boundary=---------------------------- @@ -69,7 +69,7 @@ Content-Disposition: form-data; name="submit" send ------------------------------ Content-Disposition: form-data; name="somename"; filename="somefile.txt" -Content-Type: application/octet-stream +Content-Type: text/plain blah blah -------------------------------- -- cgit v1.2.3
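Review bot: the expected Content-Length in the first hunk (@@ -45,7 +45,7 @@) is a hard-coded byte count that has to move in step with the part header changed in the second hunk. The drop from 732 to 718 is 14 bytes, which equals the length difference between "application/octet-stream" and "text/plain", so the two edits agree. Because the diffstat shows only these two lines changing in tests/data/test554, confirm that no other expected request in this file carries the same "somename" part with the old length and content type.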
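Review bot: the expectation changed in the second hunk (@@ -69,7 +69,7 @@) only shows that filename="somefile.txt" now gets the default text/plain; it does not exercise the out-of-bounds read the commit message describes, where strlen() ran on the wrong pointer. Consider adding a case in which the buffer passed with CURLFORM_BUFFERPTR is not NUL-terminated and running it under a memory checker, so a regression surfaces as an invalid read rather than only as a different Content-Type line.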