summaryrefslogtreecommitdiff
path: root/content/handlers/html/form.c
diff options
context:
space:
mode:
Diffstat (limited to 'content/handlers/html/form.c')
-rw-r--r--content/handlers/html/form.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/content/handlers/html/form.c b/content/handlers/html/form.c
index 8ba99d4ab..4a9d7102d 100644
--- a/content/handlers/html/form.c
+++ b/content/handlers/html/form.c
@@ -972,6 +972,9 @@ static char *form_url_encode(struct form *form,
assert(url_err == NSERROR_OK);
+ /* resize string to allow for new key/value pair,
+ * equals, amphersand and terminator
+ */
len1 = len + strlen(name) + strlen(value) + 2;
s2 = realloc(s, len1 + 1);
if (!s2) {
@@ -981,7 +984,8 @@ static char *form_url_encode(struct form *form,
return NULL;
}
s = s2;
- sprintf(s + len, "%s=%s&", name, value);
+
+ snprintf(s + len, (len1 + 1) - len, "%s=%s&", name, value);
len = len1;
free(name);
free(value);