/* nextarg MUST be a string in the format 'name=contents' and we'll
build a linked list with the info */
char name[256];
- char contents[4096]="";
+ char *contents;
char major[128];
char minor[128];
long flags = 0;
struct HttpPost *subpost; /* a sub-node */
unsigned int i;
- if(1 <= sscanf(input, "%255[^=]=%4095[^\n]", name, contents)) {
+ /* Preallocate contents to the length of input to make sure we don't
+ overwrite anything. */
+ contents = malloc(strlen(input));
+ contents[0] = '\000';
+
+ if(1 <= sscanf(input, "%255[^=]=%[^\n]", name, contents)) {
/* the input was using the correct format */
contp = contents;
if(2 != sscanf(type, "%127[^/]/%127[^,\n]",
major, minor)) {
fprintf(stderr, "Illegally formatted content-type field!\n");
+ free(contents);
return 2; /* illegal content-type syntax! */
}
/* now point beyond the content-type specifier */
}
else {
fprintf(stderr, "Illegally formatted input field!\n");
+ free(contents);
return 1;
}
+ free(contents);
return 0;
}