[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 120/254: formboundary: convert assert into run-time
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 120/254: formboundary: convert assert into run-time check |
|
Date: |
Sat, 17 Jun 2017 16:52:32 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.1
in repository gnurl.
commit 158d7016419429e7741ec35d0d6e256985762347
Author: Daniel Stenberg <address@hidden>
AuthorDate: Tue May 9 09:08:25 2017 +0200
formboundary: convert assert into run-time check
... to really make sure the boundary fits in the target buffer.
Fixes unused parameter 'buflen' warning.
Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
---
lib/formdata.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/formdata.c b/lib/formdata.c
index 4c3cf203c..f8a93d594 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -1557,7 +1557,8 @@ static CURLcode formboundary(struct Curl_easy *data,
{
/* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615)
combinations */
- DEBUGASSERT(buflen >= 41);
+ if(buflen < 41)
+ return CURLE_BAD_FUNCTION_ARGUMENT;
memset(buffer, '-', 24);
Curl_rand_hex(data, (unsigned char *)&buffer[24], 17);
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 152/254: ssh: ignore timeouts during disconnect, (continued)
- [GNUnet-SVN] [gnurl] 152/254: ssh: ignore timeouts during disconnect, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 211/254: dedotdot: fixed output for ".." and "." only input, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 206/254: curl_endian: remove unused functions, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 169/254: examples: fix Wimplicit-fallthrough warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 158/254: cmake: remove CURL_CA_BUNDLE from cmake TODO, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 178/254: RELEASE-NOTES: synced with 3aaac8c2f, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 202/254: typecheck-gcc.h: check CURLINFO_CERTINFO, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 230/254: test1521: make the code < 80 columns wide, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 72/254: ssh: fix compiler warning from e40e9d7f0de, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 50/254: curl_setup: Ensure no more than one IDN lib is enabled, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 120/254: formboundary: convert assert into run-time check,
gnunet <=
- [GNUnet-SVN] [gnurl] 114/254: tool_msgs: remove wrong cast, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 98/254: tests: fix -Wcast-qual warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 228/254: typecheck-gcc: allow CURLOPT_STDERR to be NULL too, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 212/254: tool_util: remove unused tvdiff_secs and remove tool_ prefix, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 143/254: RELEASE-NOTES: synced with eb16305e6, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 93/254: unit1305: fix compiler warning, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 226/254: test1538: added "verbose logs" keyword, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 239/254: examples/multi-uv.c: fix deprecated symbol, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 159/254: cmake: remove unused variables: GNUTLS_ENABLED, NSS_ENABLED, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 173/254: TODO: 6.4 is done, send telnet data in chunks, gnunet, 2017/06/17