cURL / Mailing Lists / curl-library / Single Mail


RE: trouble with SSL URL

From: Daniel Stenberg <>
Date: Fri, 4 Feb 2005 10:09:44 +0100 (CET)

On Wed, 2 Feb 2005, David Byron wrote:

>> ... so with your patch, there's a single-byte buffer overflow.
> I don't think there's a buffer overflow by doing this. The actual buffer is
> an array of [BUFSIZE + 1], so there's still room for the NULL terminator.
> Also, in http.c, the call to Curl_read passes BUFSIZE when nread is 0, so I
> think BUFSIZE is OK.

Ah, thanks for correcting me!

> Not that this is a bulletproof test, but I created another document that's
> one byte shorter, and another that's one byte longer and the patched curl
> downloads them both just fine.

While I don't mind removing that -1 from the code, especially since it has no
purpose, I still can't see why that causes an error. It merely decides how
large buffer to use.

Try removing the -1 and define CURL_MAX_WRITE_SIZE to be 16383. In my eyes,
that should suffer from the same problem(s).

      Daniel Stenberg -- --
       Dedicated custom curl help for hire:
Received on 2005-02-04