From cb70a5616979f9632f4b12dc71c80916e8ef8196 Mon Sep 17 00:00:00 2001
From: Tom Dignan <tom@dignan.io>
Date: Sun, 4 Aug 2019 23:36:22 -0400
Subject: prevent buffer overflow when spoofing content-length

---
 post.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/post.c b/post.c
index 3f4df04..27df0dc 100644
--- a/post.c
+++ b/post.c
@@ -47,7 +47,9 @@ void read_post_data(void)
 
 	int pos = 0;
 	int c;
-	while ((c = getchar()) != EOF) {
+	buf[0] = '\0';
+
+	while (pos < cl && (c = getchar()) != EOF) {
 		if (c == '&') {
 			add_data(buf);
 			pos = 0;
-- 
cgit v1.2.1