$OpenBSD: patch-src_util_c,v 1.1 2004/01/27 01:03:54 brad Exp $
--- src/util.c.orig	2004-01-09 23:04:56.000000000 -0500
+++ src/util.c	2004-01-26 14:51:51.000000000 -0500
@@ -247,24 +247,71 @@ gaim_base64_decode(const char *text, cha
 /**************************************************************************
  * Quoted Printable Functions
  **************************************************************************/
-void
-gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len)
+static void hex(const char **p, const char *end, unsigned char *n)
 {
-	char *p, *n, *new;
+	int i, c;
 
-	n = new = g_malloc(strlen (str) + 1);
+	for (i = 0, c = 0; i < 2 && *p < end; ++i, ++*p) {
+		c <<= 4;
+		switch (**p) {
+		case '0': break;
+		case '1': c += 1; break;
+		case '2': c += 2; break;
+		case '3': c += 3; break;
+		case '4': c += 4; break;
+		case '5': c += 5; break;
+		case '6': c += 6; break;
+		case '7': c += 7; break;
+		case '8': c += 8; break;
+		case '9': c += 9; break;
+		case 'a': c += 10; break;
+		case 'b': c += 11; break;
+		case 'c': c += 12; break;
+		case 'd': c += 13; break;
+		case 'e': c += 14; break;
+		case 'f': c += 15; break;
+		case 'A': c += 10; break;
+		case 'B': c += 11; break;
+		case 'C': c += 12; break;
+		case 'D': c += 13; break;
+		case 'E': c += 14; break;
+		case 'F': c += 15; break;
+		default:
+			  if (i == 0) {
+				  *n = **p;
+				  ++*p;
+				  return;
+			  }
+			  c >>= 4;
+			  goto done;
+		}
+	}
+done:
+	*n = (c > UCHAR_MAX) ? '?' : c;
+	return;
+}
 
-	for (p = (char *)str; *p; p++, n++) {
+void
+gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len)
+{
+	const char *p, *end;
+	unsigned char *n, *new;
+	size_t len;
+
+	len = strlen (str);
+	n = new = g_malloc(len + 1);
+	p = str;
+	end = &p[len];
+	while (p < end) {
 		if (*p == '=') {
-			sscanf(p + 1, "%2x\n", (int *)n);
-			p += 2;
-		}
-		else if (*p == '_')
+			++p;
+			hex(&p, end, n);
+		} else if (*p == '_')
 			*n = ' ';
 		else
 			*n = *p;
+		++n;
 	}
-
 	*n = '\0';
 
 	if (ret_len)
@@ -1962,7 +2009,7 @@ gaim_url_parse(const char *url, char **r
 			   char **ret_path)
 {
 	char scan_info[255];
-	char port_str[5];
+	char port_str[6];
 	int f;
 	const char *turl;
 	char host[256], path[256];
@@ -1982,16 +2029,21 @@ gaim_url_parse(const char *url, char **r
 	}
 
 	g_snprintf(scan_info, sizeof(scan_info),
-			   "%%[%s]:%%[%s]/%%[%s]", addr_ctrl, port_ctrl, page_ctrl);
+			   "%%255[%s]:%%5[%s]/%%255[%s]", addr_ctrl, port_ctrl, page_ctrl);
+	addr_ctrl[sizeof(addr_ctrl)-1] = '\0';
+	port_ctrl[sizeof(port_ctrl)-1] = '\0';
+	page_ctrl[sizeof(page_ctrl)-1] = '\0';
 
 	f = sscanf(url, scan_info, host, port_str, path);
 
 	if (f == 1)
 	{
 		g_snprintf(scan_info, sizeof(scan_info),
-				   "%%[%s]/%%[%s]",
+				   "%%255[%s]/%%255[%s]",
 				   addr_ctrl, page_ctrl);
 		f = sscanf(url, scan_info, host, path);
+		addr_ctrl[sizeof(addr_ctrl)-1] = '\0';
+		page_ctrl[sizeof(page_ctrl)-1] = '\0';
 		g_snprintf(port_str, sizeof(port_str), "80");
 	}
 
@@ -2081,9 +2133,14 @@ parse_redirect(const char *data, size_t 
 static size_t
 parse_content_len(const char *data, size_t data_len)
 {
-	size_t content_len = 0;
+	int content_len = 0;
+	char *tmp;
 
-	sscanf(data, "Content-Length: %d", (int *)&content_len);
+	tmp = g_malloc(data_len + 1);
+	memcpy(tmp, data, data_len);
+	tmp[data_len] = '\0';
+	sscanf(tmp, "Content-Length: %d", &content_len);
+	g_free(tmp);
 
 	return content_len;
 }
