$OpenBSD: patch-lib_escape_c,v 1.2 2013/07/16 19:25:38 jasper Exp $

Security fix for CVE-2013-2174,
libcURL "curl_easy_unescape()" Buffer Overflow Vulnerability

http://curl.haxx.se/docs/adv_20130622.html

--- lib/escape.c.orig	Tue Jul 16 10:45:29 2013
+++ lib/escape.c	Tue Jul 16 10:46:01 2013
@@ -159,7 +159,8 @@ CURLcode Curl_urldecode(struct SessionHandle *data,
 
   while(--alloc > 0) {
     in = *string;
-    if(('%' == in) && ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
+    if(('%' == in) && (alloc > 2) &&
+      ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
       /* this is two hexadecimal digits following a '%' */
       char hexstr[3];
       char *ptr;
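Review bot: The added `(alloc > 2)` guard on the `'%'` test has no comment explaining why it must be evaluated before the two `ISXDIGIT` reads, so a later clean-up could reorder the condition and reintroduce the read past the end of the input at `string[1]`/`string[2]`. I would put a comment above the `if`, for example `/* input may be length-limited and not NUL-terminated: check that two more bytes remain before reading string[1] and string[2] */`. This assumes `alloc` holds the number of bytes left including the current one after `--alloc`; its initialisation is outside the hunk, so that should be confirmed. The loop body also continues past the hunk, so the `alloc` adjustment after a decoded escape cannot be checked against this accounting from here. A regression test with a `%` in the last two bytes of an unterminated, length-limited buffer would pin the behaviour.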
