From 5d91bea365095ffc1c45ff79b1fa1d1ece8d63ad Mon Sep 17 00:00:00 2001
From: Stefan Knoblich <stkn@freeswitch.org>
Date: Wed, 21 May 2008 21:31:17 +0000
Subject: [PATCH] switch_url_encode now takes the full length of the buffer and
 null-terminates the string properly (Klocwork #1030)

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@8510 d0543943-73ff-0310-b7d9-9358b9ac24b2
---
 src/mod/applications/mod_voicemail/mod_voicemail.c |  2 +-
 src/mod/formats/mod_shout/mod_shout.c              |  2 +-
 src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c          |  2 +-
 src/switch_channel.c                               |  4 ++--
 src/switch_event.c                                 |  6 +++---
 src/switch_utils.c                                 | 14 ++++++++------
 6 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/src/mod/applications/mod_voicemail/mod_voicemail.c b/src/mod/applications/mod_voicemail/mod_voicemail.c
index 84d5d8bb1b..1c3adb5d83 100644
--- a/src/mod/applications/mod_voicemail/mod_voicemail.c
+++ b/src/mod/applications/mod_voicemail/mod_voicemail.c
@@ -2516,7 +2516,7 @@ static int web_callback(void *pArg, int argc, char **argv, char **columnNames)
 		strcmp(argv[10], URGENT_FLAG_STRING) ? "normal" : "urgent", create_date, heard, duration_str);
 
 	switch_snprintf(title_b4, sizeof(title_b4), "%s <%s> %s", argv[5], argv[6], rss_date);
-	switch_url_encode(title_b4, title_aft, sizeof(title_aft)-1);
+	switch_url_encode(title_b4, title_aft, sizeof(title_aft));
 
 	holder->stream->write_function(holder->stream,
 		"<br><object width=550 height=15 \n"
diff --git a/src/mod/formats/mod_shout/mod_shout.c b/src/mod/formats/mod_shout/mod_shout.c
index 46124c8c3b..3dea206d30 100644
--- a/src/mod/formats/mod_shout/mod_shout.c
+++ b/src/mod/formats/mod_shout/mod_shout.c
@@ -1017,7 +1017,7 @@ static int web_callback(void *pArg, int argc, char **argv, char **columnNames)
                                    argv[1], argv[4], argv[5], argv[7], argv[8] ? argv[8] : "N/A", argv[9] ? argv[9] : "N/A", argv[10], argv[11]);
     
     snprintf(title_b4, sizeof(title_b4), "%s <%s>", argv[4], argv[5]);
-    switch_url_encode(title_b4, title_aft, sizeof(title_aft)-1);
+    switch_url_encode(title_b4, title_aft, sizeof(title_aft));
 
     mp3 = switch_mprintf("http://%s:%s%s/mp3/%s/%s.mp3", holder->host, holder->port, holder->uri, argv[0], argv[5]);
     m3u = switch_mprintf("http://%s:%s%s/m3u/mp3/%s/%s.mp3.m3u", holder->host, holder->port, holder->uri, argv[0], argv[5]);
diff --git a/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c b/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
index d5c5508152..d54a6f1161 100644
--- a/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
+++ b/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
@@ -133,7 +133,7 @@ static switch_status_t my_on_hangup(switch_core_session_t *session)
 			memset(xml_text_escaped, 0, need_bytes);
 			if (globals.encode == 1) {
 				headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");
-				switch_url_encode(xml_text, xml_text_escaped, need_bytes - 1);
+				switch_url_encode(xml_text, xml_text_escaped, need_bytes);
 			} else {
 				headers = curl_slist_append(headers, "Content-Type: application/x-www-form-base64-encoded");
 				switch_b64_encode((unsigned char *)xml_text, need_bytes / 3, (unsigned char *)xml_text_escaped, need_bytes);
diff --git a/src/switch_channel.c b/src/switch_channel.c
index d01591213e..e7df11d98c 100644
--- a/src/switch_channel.c
+++ b/src/switch_channel.c
@@ -1877,7 +1877,7 @@ SWITCH_DECLARE(char *) switch_channel_build_param_string(switch_channel_t *chann
 
 			encode_buf = tmp;
 		}
-		switch_url_encode(prof[x], encode_buf, encode_len - 1);
+		switch_url_encode(prof[x], encode_buf, encode_len);
 		stream.write_function(&stream, "%s=%s&", prof_names[x], encode_buf);
 	}
 
@@ -1897,7 +1897,7 @@ SWITCH_DECLARE(char *) switch_channel_build_param_string(switch_channel_t *chann
 				encode_buf = tmp;
 			}
 
-			switch_url_encode((char *) val, encode_buf, encode_len - 1);
+			switch_url_encode((char *) val, encode_buf, encode_len);
 			stream.write_function(&stream, "%s=%s&", (char *) var, encode_buf);
 
 		}
diff --git a/src/switch_event.c b/src/switch_event.c
index 80552616b5..579ec46740 100644
--- a/src/switch_event.c
+++ b/src/switch_event.c
@@ -770,7 +770,7 @@ SWITCH_DECLARE(switch_status_t) switch_event_serialize(switch_event_t *event, ch
 
 		/* handle any bad things in the string like newlines : etc that screw up the serialized format */
 		if (encode) {
-			switch_url_encode(hp->value, encode_buf, encode_len - 1);
+			switch_url_encode(hp->value, encode_buf, encode_len);
 		} else {
 			switch_snprintf(encode_buf, encode_len, "[%s]", hp->value);
 		}
@@ -1319,7 +1319,7 @@ SWITCH_DECLARE(char *) switch_event_build_param_string(switch_event_t *event, co
 
 			encode_buf = tmp;
 		}
-		switch_url_encode(prof[x], encode_buf, encode_len - 1);
+		switch_url_encode(prof[x], encode_buf, encode_len);
 		stream.write_function(&stream, "%s=%s&", prof_names[x], encode_buf);
 	}
 
@@ -1348,7 +1348,7 @@ SWITCH_DECLARE(char *) switch_event_build_param_string(switch_event_t *event, co
 					encode_buf = tmp;
 				}
 
-				switch_url_encode((char *) val, encode_buf, encode_len - 1);
+				switch_url_encode((char *) val, encode_buf, encode_len);
 				stream.write_function(&stream, "%s=%s&", (char *) var, encode_buf);
 
 			}
diff --git a/src/switch_utils.c b/src/switch_utils.c
index b59bbfffcb..f9ce852a2c 100644
--- a/src/switch_utils.c
+++ b/src/switch_utils.c
@@ -1415,15 +1415,18 @@ SWITCH_DECLARE(size_t) switch_url_encode(const char *url, char *buf, size_t len)
 		return 0;
 	}
 
-	memset(buf, 0, len);
-
 	if (!url) {
 		return 0;
 	}
 
+	len--;
+
 	for (p = url; *p; p++) {
+		if (x >= len) {
+			break;
+		}
 		if (*p < ' ' || *p > '~' || strchr(urlunsafe, *p)) {
-			if ((x + 3) > len) {
+			if ((x + 3) >= len) {
 				break;
 			}
 			buf[x++] = '%';
@@ -1432,10 +1435,9 @@ SWITCH_DECLARE(size_t) switch_url_encode(const char *url, char *buf, size_t len)
 		} else {
 			buf[x++] = *p;
 		}
-		if (x == len) {
-			break;
-		}
 	}
+	buf[x] = '\0';
+
 	return x;
 }