diff options
| author | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-04-30 22:12:57 +0200 |
|---|---|---|
| committer | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-05-01 04:13:25 +0200 |
| commit | 401c5dcf444b50d4fffa66f790aa0ee6a919a967 (patch) | |
| tree | beb9d81d41ae55d4a40f4c25de761751cbf12cbe /http.c | |
| parent | cfd0a6f7743494f63c6ac5af15bbd3e762591961 (diff) | |
| download | slcl-401c5dcf444b50d4fffa66f790aa0ee6a919a967.tar.gz | |
Fix missing error checks for strtoul(3)
Diffstat (limited to 'http.c')
| -rw-r--r-- | http.c | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -1897,9 +1897,17 @@ char *http_decode_url(const char *url) else if (*(url + 1) && *(url + 2)) { const char buf[sizeof "00"] = {*(url + 1), *(url + 2)}; + char *endptr; + const unsigned long res = strtoul(buf, &endptr, 16); + + if (*endptr) + { + fprintf(stderr, "%s: invalid number %s\n", __func__, buf); + goto failure; + } - ret[n++] = strtoul(buf, NULL, 16); url += 3; + ret[n++] = res; } else { |