From: Ralph Corderoy <ralph@inputplus.co.uk>
Date: Tue, 18 Oct 2016 00:27:27 +0000 (+0100)
Subject: Fix unlikely bug in oauth's make_query_url() of base_url overflow.
X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/a872db591b217f09a78b7027eb246ce0eb20ff4c?hp=dad91212b8df0f772eda9037ed86cbd137cf1a7d

Fix unlikely bug in oauth's make_query_url() of base_url overflow.
---

diff --git a/sbr/oauth.c b/sbr/oauth.c
index f195e6fe..7977586c 100755
--- a/sbr/oauth.c
+++ b/sbr/oauth.c
@@ -840,7 +840,10 @@ make_query_url(char *s, size_t size, CURL *curl, const char *base_url, ...)
         len = 0;
         prefix = "";
     } else {
-        len = sprintf(s, "%s", base_url);
+        len = strlen(base_url);
+        if (len > size - 1) /* Less one for NUL. */
+            return FALSE;
+        strcpy(s, base_url);
         prefix = "?";
     }