From 10e9289921ef7d904d576a40ec64481b7ddbfa87 Mon Sep 17 00:00:00 2001
From: Thomas Kolb <thomas@tkolb.de>
Date: Sat, 17 Dec 2016 00:00:07 +0100
Subject: [PATCH] Prevent buffer overflows by urlencode()

---
 src/dirlisting.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/dirlisting.c b/src/dirlisting.c
index 82ed552..2a26d61 100644
--- a/src/dirlisting.c
+++ b/src/dirlisting.c
@@ -68,10 +68,10 @@ char* gen_html(const char *url, struct Entry *entries, size_t numentries, int up
   size_t allocated;
   size_t i;
 
-  const unsigned int BUFSIZE = 2*PATH_MAX;
+  const size_t BUFSIZE = 5*PATH_MAX;
   char buf[BUFSIZE];
   char fullpath[PATH_MAX];
-  char encName[2*PATH_MAX];
+  char encName[3*PATH_MAX]; // urlencode grows string by factor 3 at most
 
   // allocate a buffer for the result string
   allocated = strlen(HEADER1 HEADER2 FOOTER) + 64 * numentries + 4096;