Add bound checking for LibHTTPC_loadRequest

I realized that you don't need to pass buf_len as buf is a c-string.

Anyway, that is bound checking and it should work.

2 files changed, 7 insertions, 11 deletions

diff --git a/TODO.7 b/TODO.7
index bfcb305..12a0adb 100644
--- a/TODO.7
+++ b/TODO.7
@@ -19,17 +19,6 @@ from
 .Xr socket 2
 directly.
 .It
-Add bound-checking for
-.Fn LibHTTPC_loadRequest .
-This just needs
-to add a
-.Fa buf_len
-parameter
-and check
-if function
-is righter than
-.Ql buf + buf_len .
-.It
 Make
 .Fn LibHTTPC_dumpResponse
 accept
diff --git a/src/request.c b/src/request.c
index 644cd4b..a0e1358 100644
--- a/src/request.c
+++ b/src/request.c
@@ -9,6 +9,7 @@ struct LibHTTPC_Request *LibHTTPC_loadRequest(struct LibHTTPC_Request *request_b
 {
     char *next;
     int selfmalloc = 0;
+    char *buf_end = strchr(buf, '\0');
 
     if (!buf)
         return NULL;
@@ -50,6 +51,8 @@ struct LibHTTPC_Request *LibHTTPC_loadRequest(struct LibHTTPC_Request *request_b
     if (!next)
         return NULL;
     *next++ = '\0';
+    if (next > buf_end)
+        return NULL;
 
     for (size_t i = 0; (next = strstr(next, "\r\n")); ++next, ++i)
     {
@@ -57,6 +60,8 @@ struct LibHTTPC_Request *LibHTTPC_loadRequest(struct LibHTTPC_Request *request_b
             return NULL;
         *next = '\0';
         next += 2;
+        if (next > buf_end)
+            return NULL;
 
         if (strstr(next, "\r\n") == next)
             break;
@@ -78,6 +83,8 @@ struct LibHTTPC_Request *LibHTTPC_loadRequest(struct LibHTTPC_Request *request_b
             if (!next)
                 return NULL;
             *next++ = '\0';
+            if (next > buf_end)
+                return NULL;
             request_buf->headers[i].value = next;
         }
     }