generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

checksrc: ban unsafe functions

Browse Source 
The list of unsafe functions currently consists of sprintf, vsprintf,
strcat, strncat and gets.

Subsequently, some existing code needed updating to avoid warnings on
this.
This commit is contained in:
Daniel Stenberg
2013-03-06 13:27:51 +01:00
parent 9ceee69ff7
commit 7f963a19ec
10 changed files with 65 additions and 160 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/tool_operhlp.c
View File

@@ -123,22 +123,20 @@ char *add_file_name_to_url(CURL *curl, char *url, const char *filename)
/* URL encode the file name */
encfile = curl_easy_escape(curl, filep, 0 /* use strlen */);
if(encfile) {
char *urlbuffer = malloc(strlen(url) + strlen(encfile) + 3);
if(!urlbuffer) {
curl_free(encfile);
Curl_safefree(url);
return NULL;
}
char *urlbuffer;
if(ptr)
/* there is a trailing slash on the URL */
sprintf(urlbuffer, "%s%s", url, encfile);
urlbuffer = aprintf("%s%s", url, encfile);
else
/* there is no trailing slash on the URL */
sprintf(urlbuffer, "%s/%s", url, encfile);
urlbuffer = aprintf("%s/%s", url, encfile);
curl_free(encfile);
Curl_safefree(url);
if(!urlbuffer)
return NULL;
url = urlbuffer; /* use our new URL instead! */
}
}