From 9fc22b417210e4c3fa2c8bf3b005cbf74f3c4c03 Mon Sep 17 00:00:00 2001
From: Adam Dickmeiss <adam@indexdata.dk>
Date: Wed, 8 Oct 2014 09:57:09 +0200
Subject: [PATCH] Fix uri array may overflow in yaz_solr_encode_request
 YAZ-775

---
 src/solr.c |    6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/solr.c b/src/solr.c
index 1c11765..a8e8cd8 100644
--- a/src/solr.c
+++ b/src/solr.c
@@ -478,6 +478,12 @@ int yaz_solr_encode_request(Z_HTTP_Request *hreq, Z_SRW_PDU *srw_pdu,
     int no_parms = 20; /* safe upper limit of args without extra_args */
     Z_SRW_extra_arg *ea;
 
+    if (srw_pdu->which == Z_SRW_searchRetrieve_request)
+    {   /* to make room for facets in yaz_solr_encode_facet_list later */
+        Z_SRW_searchRetrieveRequest *request = srw_pdu->u.request;
+        if (request->facetList)
+            no_parms += request->facetList->num;
+    }
     for (ea = srw_pdu->extra_args; ea; ea = ea->next)
         no_parms++;
     name = (char **) odr_malloc(encode, sizeof(*name) * no_parms);
-- 
1.7.10.4