Commit 61788a03 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

Changed how boundary strings are generated. This new way uses 28 dashes 

and 12 following hexadecimal letters, which seems to be what IE uses.
This makes curl work smoother with more stupidly written server apps.

Worked this out together with Martijn Broenland.
parent 0821447b

lib/formdata.c

+11 −13
Original line number Diff line number Diff line
@@ -128,11 +128,8 @@ Content-Disposition: form-data; name="FILECONTENT" 
#include "memdebug.h"

#endif



/* Length of the random boundary string. The risk of this being used

   in binary data is very close to zero, 64^32 makes

   6277101735386680763835789423207666416102355444464034512896

   combinations... */

#define BOUNDARY_LENGTH 32

/* Length of the random boundary string. */

#define BOUNDARY_LENGTH 40



/* What kind of Content-Type to use on un-specified files with unrecognized

   extensions. */
@@ -1049,22 +1046,23 @@ char *Curl_FormBoundary(void) 
			      the same form won't be identical */

  int i;



  static char table62[]=

    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

  static char table16[]="abcdef0123456789";



  retstring = (char *)malloc(BOUNDARY_LENGTH);

  retstring = (char *)malloc(BOUNDARY_LENGTH+1);



  if(!retstring)

    return NULL; /* failed */



  srand(time(NULL)+randomizer++); /* seed */



  strcpy(retstring, "curl"); /* bonus commercials 8*) */

  strcpy(retstring, "----------------------------");



  for(i=4; i<(BOUNDARY_LENGTH-1); i++) {

    retstring[i] = table62[rand()%62];

  }

  retstring[BOUNDARY_LENGTH-1]=0; /* zero terminate */

  for(i=strlen(retstring); i<BOUNDARY_LENGTH; i++)

    retstring[i] = table16[rand()%16];



  /* 28 dashes and 12 hexadecimal digits makes 12^16 (184884258895036416)

     combinations */

  retstring[BOUNDARY_LENGTH]=0; /* zero terminate */



  return retstring;

}