From a93224fde26776056e7feaf22b98e99bbc3571c9 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Sat, 9 Feb 2008 00:51:52 +0000
Subject: [PATCH] Declare enough buffer space for out-of-range URL port numbers

---
 libraries/libldap/url.c | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
index 4ef41f5ef4..882d21da30 100644
--- a/libraries/libldap/url.c
+++ b/libraries/libldap/url.c
@@ -582,19 +582,17 @@ desc2str_len( LDAPURLDesc *u )
 	len += sep;
 
 	if ( u->lud_port ) {
-		char	buf[ STRLENOF(":65535") + 1 ];
+		unsigned p = u->lud_port;
+		if ( p > 65535 )
+			return -1;
 
-		len += snprintf( buf, sizeof( buf ), ":%d", u->lud_port );
-		if ( u->lud_host && u->lud_host[0] ) {
-			len += strlen( u->lud_host );
-		}
+		len += (p > 999 ? 5 + (p > 9999) : p > 99 ? 4 : 2 + (p > 9));
+	}
 
-	} else {
-		if ( u->lud_host && u->lud_host[0] ) {
-			len += hex_escape_len( u->lud_host, URLESC_SLASH );
-			if ( !is_ipc && strchr( u->lud_host, ':' )) {
-				len += 2;	/* IPv6, [] */
-			}
+	if ( u->lud_host && u->lud_host[0] ) {
+		len += hex_escape_len( u->lud_host, URLESC_SLASH );
+		if ( !is_ipc && strchr( u->lud_host, ':' )) {
+			len += 2;	/* IPv6, [] */
 		}
 	}
 
-- 
2.39.5