From 10e9289921ef7d904d576a40ec64481b7ddbfa87 Mon Sep 17 00:00:00 2001 From: Thomas Kolb Date: Sat, 17 Dec 2016 00:00:07 +0100 Subject: [PATCH] Prevent buffer overflows by urlencode() --- src/dirlisting.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/dirlisting.c b/src/dirlisting.c index 82ed552..2a26d61 100644 --- a/src/dirlisting.c +++ b/src/dirlisting.c @@ -68,10 +68,10 @@ char* gen_html(const char *url, struct Entry *entries, size_t numentries, int up size_t allocated; size_t i; - const unsigned int BUFSIZE = 2*PATH_MAX; + const size_t BUFSIZE = 5*PATH_MAX; char buf[BUFSIZE]; char fullpath[PATH_MAX]; - char encName[2*PATH_MAX]; + char encName[3*PATH_MAX]; // urlencode grows string by factor 3 at most // allocate a buffer for the result string allocated = strlen(HEADER1 HEADER2 FOOTER) + 64 * numentries + 4096;