From e6f08b0aa79a07bcadff203c91245db0dcd155b7 Mon Sep 17 00:00:00 2001 From: Joshua Oreman Date: Tue, 26 Jan 2010 23:55:23 -0500 Subject: [uri] Handle an empty unparse_uri() result properly Previously, if none of the URI parts requested existed in the passed URI, unparse_uri() would not touch the destination buffer at all; this could lead to use of uninitialized data. Fix by setting buf[0] = '\0' before unparsing whenever we have room to do so. Signed-off-by: Joshua Oreman Signed-off-by: Marty Connor --- src/core/uri.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/core/uri.c b/src/core/uri.c index 9666778..6a1f2e5 100644 --- a/src/core/uri.c +++ b/src/core/uri.c @@ -225,12 +225,13 @@ int unparse_uri ( char *buf, size_t size, struct uri *uri, dump_uri ( uri ); DBG ( "\n" ); + /* Ensure buffer is NUL-terminated */ + if ( size ) + buf[0] = '\0'; + /* Special-case NULL URI */ - if ( ! uri ) { - if ( size ) - buf[0] = '\0'; + if ( ! uri ) return 0; - } /* Iterate through requested fields */ for ( i = URI_FIRST_FIELD; i <= URI_LAST_FIELD; i++ ) { -- cgit v1.1