Merge branch 'master' into curl-smtp

author: shtrophic 2025-02-22 11:40:54 +0000
committer: shtrophic 2025-02-22 11:40:54 +0000
commit: beb500360c32ee459201a087dbed57a447b1f0db (patch)
tree: cde2f140812aa913bc8668fc2e0dad9ec1b2211c
parent: duping isn't necessary as xs_vals are copied anyway (right?) (diff)
parent: Merge pull request 'Fix memory leak in multipart parsing' (#307) from inz/sna... (diff)
download: penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.tar.gz
penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.tar.xz
penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.zip
2 files changed, 14 insertions, 13 deletions
diff --git a/xs.h b/xs.h
index b53885e..ab5a264 100644
--- a/xs.h
+++ b/xs.h
@@ -398,6 +398,7 @@ xs_val *xs_dup(const xs_val *data)
 xs_val *xs_expand(xs_val *data, int offset, int size)
 /* opens a hole in data */
 {
+    xstype type = xs_type(data);
    int sz = xs_size(data);
    int n;
@@ -410,9 +411,9 @@ xs_val *xs_expand(xs_val *data, int offset, int size)
    for (n = sz - 1; n >= offset + size; n--)
        data[n] = data[n - size];
-    if (xs_type(data) == XSTYPE_LIST ||
+    if (type == XSTYPE_LIST ||
-        xs_type(data) == XSTYPE_DICT ||
+        type == XSTYPE_DICT ||
-        xs_type(data) == XSTYPE_DATA)
+        type == XSTYPE_DATA)
        _xs_put_size(data, sz);
    return data;
diff --git a/xs_url.h b/xs_url.h
index 37d2391..7bdff49 100644
--- a/xs_url.h
+++ b/xs_url.h
@@ -185,18 +185,16 @@ xs_dict *xs_multipart_form_data(const char *payload, int p_size, const char *hea
    /* iterate searching the boundaries */
    while ((p = xs_memmem(payload + offset, p_size - offset, boundary, bsz)) != NULL) {
-        xs *s1 = NULL;
+        xs *vn = NULL;
-        xs *l1 = NULL;
+        xs *fn = NULL;
-        const char *vn = NULL;
+        xs *ct = NULL;
-        const char *fn = NULL;
-        const char *ct = NULL;
        char *q;
        int po, ps;
        /* final boundary? */
        p += bsz;
-        if (p[0] == '-' && p[1] == '-')
+        if ((p - payload) + 2 > p_size || (p[0] == '-' && p[1] == '-'))
            break;
        /* skip the \r\n */
@@ -205,9 +203,11 @@ xs_dict *xs_multipart_form_data(const char *payload, int p_size, const char *hea
        /* Tokodon sends also a Content-Type headers,
           let's use it to determine the file type */
        do {
-            if (p[0] == 13 && p[1] == 10)
+            xs *s1 = NULL;
+            xs *l1 = NULL;
+            if (p[0] == '\r' && p[1] == '\n')
                break;
-            q = strchr(p, '\r');
+            q = memchr(p, '\r', p_size - (p - payload));
            /* unexpected formatting, fail immediately */
            if (q == NULL)
@@ -222,12 +222,12 @@ xs_dict *xs_multipart_form_data(const char *payload, int p_size, const char *hea
                l1 = xs_split(s1, "\"");
                /* get the variable name */
-                vn = xs_list_get(l1, 1);
+                vn = xs_dup(xs_list_get(l1, 1));
                /* is it an attached file? */
                if (xs_list_len(l1) >= 4 && strcmp(xs_list_get(l1, 2), "; filename=") == 0) {
                    /* get the file name */
-                    fn = xs_list_get(l1, 3);
+                    fn = xs_dup(xs_list_get(l1, 3));
                }
            }
            else
author	shtrophic	2025-02-22 11:40:54 +0000
committer	shtrophic	2025-02-22 11:40:54 +0000
commit	beb500360c32ee459201a087dbed57a447b1f0db (patch)
tree	cde2f140812aa913bc8668fc2e0dad9ec1b2211c
parent	duping isn't necessary as xs_vals are copied anyway (right?) (diff)
parent	Merge pull request 'Fix memory leak in multipart parsing' (#307) from inz/sna... (diff)
download	penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.tar.gz penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.tar.xz penes-snac2-beb500360c32ee459201a087dbed57a447b1f0db.zip