Commit 53e71e47 authored by Daniel Stenberg's avatar Daniel Stenberg

unescape: avoid integer overflow

CVE-2016-8622

Bug: https://curl.haxx.se/docs/adv_20161102H.html
Reported-by: Cure53
parent c5be3d72
+5 −2
@@ -5,7 +5,7 @@
.\" *                            | (__| |_| |  _ <| |___
.\" *                            | (__| |_| |  _ <| |___
.\" *                             \___|\___/|_| \_\_____|
.\" *                             \___|\___/|_| \_\_____|
.\" *
.\" *
.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,10 @@ will use strlen() on the input \fIurl\fP string to find out the size.


If \fBoutlength\fP is non-NULL, the function will write the length of the
If \fBoutlength\fP is non-NULL, the function will write the length of the
returned string in the integer it points to. This allows an escaped string
returned string in the integer it points to. This allows an escaped string
containing %00 to still get used properly after unescaping.
containing %00 to still get used properly after unescaping. Since this is a
pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no
longer string can be unescaped if the string length is returned in this
parameter.


You must \fIcurl_free(3)\fP the returned string when you're done with it.
You must \fIcurl_free(3)\fP the returned string when you're done with it.
.SH AVAILABILITY
.SH AVAILABILITY
+5 −5
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *                             \___|\___/|_| \_\_____|
 *
 *
 * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 *
 * This software is licensed as described in the file COPYING, which
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * you should have received as part of this distribution. The terms
@@ -52,7 +52,7 @@
#include <curl/curl.h>
#include <curl/curl.h>
#include "transfer.h"
#include "transfer.h"
#include "sendf.h"
#include "sendf.h"

#include "escape.h"
#include "progress.h"
#include "progress.h"
#include "strequal.h"
#include "strequal.h"
#include "dict.h"
#include "dict.h"
@@ -96,12 +96,12 @@ static char *unescape_word(struct Curl_easy *data, const char *inputbuff)
  char *newp;
  char *newp;
  char *dictp;
  char *dictp;
  char *ptr;
  char *ptr;
  int len;
  size_t len;
  char ch;
  char ch;
  int olen=0;
  int olen=0;


  newp = curl_easy_unescape(data, inputbuff, 0, &len);
  CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE);
  if(!newp)
  if(!newp || result)
    return NULL;
    return NULL;


  dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
  dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
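Review bot: `newp` is declared without an initializer and `if(!newp || result)` tests it before `result`, so unless Curl_urldecode is guaranteed to assign `*ostring` on every failure path (its body is not in this hunk) the error path reads an indeterminate pointer. Checking the result first, `if(result || !newp)`, or declaring `char *newp = NULL;`, removes that dependency on the callee. With `len` now a `size_t`, the cast in `malloc(((size_t)len)*2 + 1)` is redundant and can be dropped. unescape_word continues past the end of the hunk, and `olen` is still an `int`, so if it is later derived from `len` that is a narrowing conversion worth checking in the rest of the function.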
+8 −2
@@ -224,8 +224,14 @@ char *curl_easy_unescape(struct Curl_easy *data, const char *string,
                                  FALSE);
                                  FALSE);
    if(res)
    if(res)
      return NULL;
      return NULL;
    if(olen)

    if(olen) {
      if(outputlen <= (size_t) INT_MAX)
        *olen = curlx_uztosi(outputlen);
        *olen = curlx_uztosi(outputlen);
      else
        /* too large to return in an int, fail! */
        Curl_safefree(str);
    }
  }
  }
  return str;
  return str;
}
}
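Review bot: The new `else` branch under `if(olen) {` has a comment between `else` and its single statement and no braces, which is exactly the shape where a later added line silently ends up outside the branch; write it as `else { /* too large to return in an int, fail! */ Curl_safefree(str); }`. The NULL return on that path relies on Curl_safefree resetting `str` after freeing, which is how the libcurl macro behaves, so `return str` yields NULL, but a caller cannot distinguish this failure from an allocation failure; that deserves a sentence in the function's header comment, e.g. `/* Returns NULL if the decoded length does not fit in *olen */`. When `olen` is NULL the length check is skipped and a result longer than INT_MAX is returned intact, which matches the updated man page wording. curl_easy_unescape starts before this hunk.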