diff --git a/src/userinput.c b/src/userinput.c index 524be2f1eab485d5d1c6388a8fb2331edf9d1eb8..f8384f97fca7f19dd228720ff8415caec0a3ae5a 100644 --- a/src/userinput.c +++ b/src/userinput.c @@ -41,17 +41,23 @@ static char *uri_escape(const char *string) for (i = 0; string[i]; i++) { if (allocated_len + 4 >= real_len) { allocated_len += 16; - escaped = realloc(escaped, allocated_len); + char *tmp = realloc(escaped, allocated_len); + // bail out if realloc fails - if (escaped == NULL) - return NULL; + if (tmp == NULL) { + free(escaped); + escaped = NULL; + break; + } + escaped = tmp; } if (isalnum(string[i])) escaped[real_len++] = string[i]; else real_len += sprintf(&escaped[real_len], "%%%02X", string[i]); } - escaped[real_len] = '\0'; + if (escaped) + escaped[real_len] = '\0'; return escaped; } @@ -63,6 +69,10 @@ static char *uri_unescape(const char *string) int real_len = 0; int i = 0; + // bail out if malloc fails + if (unescaped == NULL) + return NULL; + while (string[i]) { if (string[i] == '%' && isxdigit(string[i + 1]) && isxdigit(string[i + 2])) {