Loading docs/libcurl/curl_easy_unescape.3 +5 −2 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms Loading Loading @@ -40,7 +40,10 @@ will use strlen() on the input \fIurl\fP string to find out the size. If \fBoutlength\fP is non-NULL, the function will write the length of the returned string in the integer it points to. This allows an escaped string containing %00 to still get used properly after unescaping. containing %00 to still get used properly after unescaping. Since this is a pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no longer string can be unescaped if the string length is returned in this parameter. You must \fIcurl_free(3)\fP the returned string when you're done with it. .SH AVAILABILITY Loading lib/dict.c +5 −5 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -52,7 +52,7 @@ #include <curl/curl.h> #include "transfer.h" #include "sendf.h" #include "escape.h" #include "progress.h" #include "strequal.h" #include "dict.h" Loading Loading @@ -96,12 +96,12 @@ static char *unescape_word(struct Curl_easy *data, const char *inputbuff) char *newp; char *dictp; char *ptr; int len; size_t len; char ch; int olen=0; newp = curl_easy_unescape(data, inputbuff, 0, &len); if(!newp) CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE); if(!newp || result) return NULL; dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */ Loading lib/escape.c +8 −2 Original line number Diff line number Diff line Loading @@ -224,8 +224,14 @@ char *curl_easy_unescape(struct Curl_easy *data, const char *string, FALSE); if(res) return NULL; if(olen) if(olen) { if(outputlen <= (size_t) INT_MAX) *olen = curlx_uztosi(outputlen); else /* too large to return in an int, fail! */ Curl_safefree(str); } } return str; } Loading Loading
docs/libcurl/curl_easy_unescape.3 +5 −2 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms Loading Loading @@ -40,7 +40,10 @@ will use strlen() on the input \fIurl\fP string to find out the size. If \fBoutlength\fP is non-NULL, the function will write the length of the returned string in the integer it points to. This allows an escaped string containing %00 to still get used properly after unescaping. containing %00 to still get used properly after unescaping. Since this is a pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no longer string can be unescaped if the string length is returned in this parameter. You must \fIcurl_free(3)\fP the returned string when you're done with it. .SH AVAILABILITY Loading
lib/dict.c +5 −5 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -52,7 +52,7 @@ #include <curl/curl.h> #include "transfer.h" #include "sendf.h" #include "escape.h" #include "progress.h" #include "strequal.h" #include "dict.h" Loading Loading @@ -96,12 +96,12 @@ static char *unescape_word(struct Curl_easy *data, const char *inputbuff) char *newp; char *dictp; char *ptr; int len; size_t len; char ch; int olen=0; newp = curl_easy_unescape(data, inputbuff, 0, &len); if(!newp) CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE); if(!newp || result) return NULL; dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */ Loading
lib/escape.c +8 −2 Original line number Diff line number Diff line Loading @@ -224,8 +224,14 @@ char *curl_easy_unescape(struct Curl_easy *data, const char *string, FALSE); if(res) return NULL; if(olen) if(olen) { if(outputlen <= (size_t) INT_MAX) *olen = curlx_uztosi(outputlen); else /* too large to return in an int, fail! */ Curl_safefree(str); } } return str; } Loading
