formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used

The internal function that's used to detect known file extensions for the default Content-Type got the the wrong pointer passed in when CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that strlen() would be used which could lead to an out-of-bounds read (and thus segfault). In most cases it would only lead to it not finding or using the correct default content-type. It also showed that test 554 and test 587 were testing for the previous/wrong behavior and now they're updated as well. Bug: http://curl.haxx.se/bug/view.cgi?id=1262 Reported-by: Konstantin Isakov
2013-08-04 23:27:27 +02:00
parent 51f0b798fa
commit 0ddc678927
3 changed files with 10 additions and 8 deletions
--- a/tests/data/test554
+++ b/tests/data/test554
@@ -45,7 +45,7 @@ s/boundary=------------------------[a-z0-9]*/boundary=--------------------------
 POST /554 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*
-Content-Length: 732
+Content-Length: 718
 Expect: 100-continue
 Content-Type: multipart/form-data; boundary=----------------------------

@@ -69,7 +69,7 @@ Content-Disposition: form-data; name="submit"
 send
 ------------------------------
 Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: application/octet-stream
+Content-Type: text/plain

 blah blah
 --------------------------------