From 8fa72a64be9fe62fe40dfe8301cbcbca0fc44b79 Mon Sep 17 00:00:00 2001
From: Wilfried Goesgens <dothebart@citadel.org>
Date: Mon, 22 Oct 2012 00:16:47 +0200
Subject: [PATCH] URL-Parsing: fix off by one when checking the length of URL
 params

---
 webcit/paramhandling.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webcit/paramhandling.c b/webcit/paramhandling.c
index 46ac87280..9db69f7e7 100644
--- a/webcit/paramhandling.c
+++ b/webcit/paramhandling.c
@@ -50,7 +50,7 @@ void ParseURLParams(StrBuf *url)
 			bptr++;
 		}
 		keylen = aptr - up - 1; /* -1 -> '=' */
-		if(keylen > sizeof(u->url_key)) {
+		if(keylen >= sizeof(u->url_key)) {
 			syslog(1, "invalid url_key from %s", ChrPtr(WCC->Hdr->HR.browser_host));
 			return;
 		}
@@ -371,7 +371,7 @@ void PutBstr(const char *key, long keylen, StrBuf *Value)
 	urlcontent *u;
 	wcsession *WCC = WC;
 
-	if(keylen > sizeof(u->url_key)) {
+	if(keylen >= sizeof(u->url_key)) {
 		syslog(1, "invalid url_key from %s", ChrPtr(WCC->Hdr->HR.browser_host));
 		FreeStrBuf(&Value);
 		return;
-- 
2.30.2