curl_unescape() could make a buffer overflow

2000-03-20 10:22:12 +00:00
parent bc5c4b8953
commit 211b9e552d
1 changed files with 2 additions and 2 deletions
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -47,7 +47,7 @@

 char *curl_escape(char *string)
 {
-   int alloc=strlen(string);
+   int alloc=strlen(string)+1;
   char *ns = malloc(alloc);
   unsigned char in;
   int newlen = alloc;
@@ -83,7 +83,7 @@ char *curl_escape(char *string)

 char *curl_unescape(char *string)
 {
-   int alloc = strlen(string);
+   int alloc = strlen(string)+1;
   char *ns = malloc(alloc);
   unsigned char in;
   int index=0;