From 5d91bea365095ffc1c45ff79b1fa1d1ece8d63ad Mon Sep 17 00:00:00 2001
From: Stefan Knoblich <stkn@freeswitch.org>
Date: Wed, 21 May 2008 21:31:17 +0000
Subject: [PATCH] switch_url_encode now takes the full length of the buffer and
null-terminates the string properly (Klocwork #1030)
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@8510 d0543943-73ff-0310-b7d9-9358b9ac24b2
---
src/mod/applications/mod_voicemail/mod_voicemail.c | 2 +-
src/mod/formats/mod_shout/mod_shout.c | 2 +-
src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c | 2 +-
src/switch_channel.c | 4 ++--
src/switch_event.c | 6 +++---
src/switch_utils.c | 14 ++++++++------
6 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/src/mod/applications/mod_voicemail/mod_voicemail.c b/src/mod/applications/mod_voicemail/mod_voicemail.c
index 84d5d8bb1b..1c3adb5d83 100644
--- a/src/mod/applications/mod_voicemail/mod_voicemail.c
+++ b/src/mod/applications/mod_voicemail/mod_voicemail.c
@@ -2516,7 +2516,7 @@ static int web_callback(void *pArg, int argc, char **argv, char **columnNames)
strcmp(argv[10], URGENT_FLAG_STRING) ? "normal" : "urgent", create_date, heard, duration_str);
switch_snprintf(title_b4, sizeof(title_b4), "%s <%s> %s", argv[5], argv[6], rss_date);
- switch_url_encode(title_b4, title_aft, sizeof(title_aft)-1);
+ switch_url_encode(title_b4, title_aft, sizeof(title_aft));
holder->stream->write_function(holder->stream,
"<br><object width=550 height=15 \n"
diff --git a/src/mod/formats/mod_shout/mod_shout.c b/src/mod/formats/mod_shout/mod_shout.c
index 46124c8c3b..3dea206d30 100644
--- a/src/mod/formats/mod_shout/mod_shout.c
+++ b/src/mod/formats/mod_shout/mod_shout.c
@@ -1017,7 +1017,7 @@ static int web_callback(void *pArg, int argc, char **argv, char **columnNames)
argv[1], argv[4], argv[5], argv[7], argv[8] ? argv[8] : "N/A", argv[9] ? argv[9] : "N/A", argv[10], argv[11]);
snprintf(title_b4, sizeof(title_b4), "%s <%s>", argv[4], argv[5]);
- switch_url_encode(title_b4, title_aft, sizeof(title_aft)-1);
+ switch_url_encode(title_b4, title_aft, sizeof(title_aft));
mp3 = switch_mprintf("http://%s:%s%s/mp3/%s/%s.mp3", holder->host, holder->port, holder->uri, argv[0], argv[5]);
m3u = switch_mprintf("http://%s:%s%s/m3u/mp3/%s/%s.mp3.m3u", holder->host, holder->port, holder->uri, argv[0], argv[5]);
diff --git a/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c b/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
index d5c5508152..d54a6f1161 100644
--- a/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
+++ b/src/mod/xml_int/mod_xml_cdr/mod_xml_cdr.c
@@ -133,7 +133,7 @@ static switch_status_t my_on_hangup(switch_core_session_t *session)
memset(xml_text_escaped, 0, need_bytes);
if (globals.encode == 1) {
headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");
- switch_url_encode(xml_text, xml_text_escaped, need_bytes - 1);
+ switch_url_encode(xml_text, xml_text_escaped, need_bytes);
} else {
headers = curl_slist_append(headers, "Content-Type: application/x-www-form-base64-encoded");
switch_b64_encode((unsigned char *)xml_text, need_bytes / 3, (unsigned char *)xml_text_escaped, need_bytes);
diff --git a/src/switch_channel.c b/src/switch_channel.c
index d01591213e..e7df11d98c 100644
--- a/src/switch_channel.c
+++ b/src/switch_channel.c
@@ -1877,7 +1877,7 @@ SWITCH_DECLARE(char *) switch_channel_build_param_string(switch_channel_t *chann
encode_buf = tmp;
}
- switch_url_encode(prof[x], encode_buf, encode_len - 1);
+ switch_url_encode(prof[x], encode_buf, encode_len);
stream.write_function(&stream, "%s=%s&", prof_names[x], encode_buf);
}
@@ -1897,7 +1897,7 @@ SWITCH_DECLARE(char *) switch_channel_build_param_string(switch_channel_t *chann
encode_buf = tmp;
}
- switch_url_encode((char *) val, encode_buf, encode_len - 1);
+ switch_url_encode((char *) val, encode_buf, encode_len);
stream.write_function(&stream, "%s=%s&", (char *) var, encode_buf);
}
diff --git a/src/switch_event.c b/src/switch_event.c
index 80552616b5..579ec46740 100644
--- a/src/switch_event.c
+++ b/src/switch_event.c
@@ -770,7 +770,7 @@ SWITCH_DECLARE(switch_status_t) switch_event_serialize(switch_event_t *event, ch
/* handle any bad things in the string like newlines : etc that screw up the serialized format */
if (encode) {
- switch_url_encode(hp->value, encode_buf, encode_len - 1);
+ switch_url_encode(hp->value, encode_buf, encode_len);
} else {
switch_snprintf(encode_buf, encode_len, "[%s]", hp->value);
}
@@ -1319,7 +1319,7 @@ SWITCH_DECLARE(char *) switch_event_build_param_string(switch_event_t *event, co
encode_buf = tmp;
}
- switch_url_encode(prof[x], encode_buf, encode_len - 1);
+ switch_url_encode(prof[x], encode_buf, encode_len);
stream.write_function(&stream, "%s=%s&", prof_names[x], encode_buf);
}
@@ -1348,7 +1348,7 @@ SWITCH_DECLARE(char *) switch_event_build_param_string(switch_event_t *event, co
encode_buf = tmp;
}
- switch_url_encode((char *) val, encode_buf, encode_len - 1);
+ switch_url_encode((char *) val, encode_buf, encode_len);
stream.write_function(&stream, "%s=%s&", (char *) var, encode_buf);
}
diff --git a/src/switch_utils.c b/src/switch_utils.c
index b59bbfffcb..f9ce852a2c 100644
--- a/src/switch_utils.c
+++ b/src/switch_utils.c
@@ -1415,15 +1415,18 @@ SWITCH_DECLARE(size_t) switch_url_encode(const char *url, char *buf, size_t len)
return 0;
}
- memset(buf, 0, len);
-
if (!url) {
return 0;
}
+ len--;
+
for (p = url; *p; p++) {
+ if (x >= len) {
+ break;
+ }
if (*p < ' ' || *p > '~' || strchr(urlunsafe, *p)) {
- if ((x + 3) > len) {
+ if ((x + 3) >= len) {
break;
}
buf[x++] = '%';
@@ -1432,10 +1435,9 @@ SWITCH_DECLARE(size_t) switch_url_encode(const char *url, char *buf, size_t len)
} else {
buf[x++] = *p;
}
- if (x == len) {
- break;
- }
}
+ buf[x] = '\0';
+
return x;
}