url: Fixed missing length check in parse_proxy()

author Steve Holme <steve_holme@hotmail.com>

Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)

committer Steve Holme <steve_holme@hotmail.com>

Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)
author Steve Holme <steve_holme@hotmail.com>
Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)
committer Steve Holme <steve_holme@hotmail.com>
Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)
diff --git a/lib/url.c b/lib/url.c

index 50b00e7..b438292 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -4208,7 +4208,7 @@ static CURLcode parse_proxy(struct SessionHandle *data,
           username or password with reserved characters like ':' in
           them. */
        Curl_safefree(conn->proxyuser);
-      if(proxyuser)
+      if(proxyuser && strlen(proxyuser) < MAX_CURL_USER_LENGTH)
          conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
        else
          conn->proxyuser = strdup("");
@@ -4217,7 +4217,7 @@ static CURLcode parse_proxy(struct SessionHandle *data,
          res = CURLE_OUT_OF_MEMORY;
        else {
          Curl_safefree(conn->proxypasswd);
-        if(proxypasswd)
+        if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
            conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
          else
            conn->proxypasswd = strdup("");
author	Steve Holme <steve_holme@hotmail.com>
	Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)
committer	Steve Holme <steve_holme@hotmail.com>
	Sun, 21 Apr 2013 17:29:33 +0000 (18:29 +0100)