commit b91d801835eb928cf8379ebefe2add66ed98f61c
from: Alisdair MacLeod <git@alisdairmacleod.co.uk>
date: Tue Mar 31 18:46:11 2026 UTC

Use stack buffer for POST body instead of heap allocation

MAX_BODY is 4096, well within stack limits. The content_length
check already ensures the read will not overflow. This avoids a
malloc/free pair on every POST request.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

commit - a35d82dbb6d02edf3c6e603e21a30fde949599ca
commit + b91d801835eb928cf8379ebefe2add66ed98f61c
blob - 17822273e355dc4920ba6c96abb177d956196f66
blob + c0f061606991091d8360341449bbda56d52d599e
--- book.c
+++ book.c
@@ -61,11 +61,7 @@ handle_book(const char *day_param)
 		return;
 	}
 
-	char *body = malloc((size_t) content_length + 1);
-	if (body == NULL) {
-		cgi_error(500);
-		return;
-	}
+	char body[MAX_BODY + 1];
 	const size_t nread = fread(body, 1, (size_t) content_length, stdin);
 	body[nread] = '\0';
 
@@ -73,7 +69,6 @@ handle_book(const char *day_param)
 	char *csrf_form = cgi_form_get(body, CSRF_KEY);
 	if (!cgi_csrf_check(csrf_form)) {
 		free(csrf_form);
-		free(body);
 		cgi_error(403);
 		return;
 	}
@@ -82,13 +77,11 @@ handle_book(const char *day_param)
 	/* Parse and validate date. */
 	if (date_parse(day_param, &tm) != 0) {
 		fprintf(stderr, "Error parsing date \"%s\"\n", day_param);
-		free(body);
 		cgi_error_csrf(400);
 		return;
 	}
 
 	if (date_is_past(&tm)) {
-		free(body);
 		cgi_error_csrf(400);
 		return;
 	}
@@ -97,7 +90,6 @@ handle_book(const char *day_param)
 
 	/* Get desk from form. */
 	char *desk = cgi_form_get(body, DESK_KEY);
-	free(body);
 	if (desk == NULL || *desk == '\0') {
 		free(desk);
 		cgi_error_csrf(400);
blob - 38f02a143898383191680571ede5d92d7e2a0404
blob + 421433c28ea38248b15cc5e9802eb360617f1750
--- cancel.c
+++ cancel.c
@@ -56,11 +56,7 @@ handle_cancel(void)
 		return;
 	}
 
-	char *body = malloc((size_t) content_length + 1);
-	if (body == NULL) {
-		cgi_error(500);
-		return;
-	}
+	char body[MAX_BODY + 1];
 	const size_t nread = fread(body, 1, (size_t) content_length, stdin);
 	body[nread] = '\0';
 
@@ -68,7 +64,6 @@ handle_cancel(void)
 	char *csrf_form = cgi_form_get(body, CSRF_KEY);
 	if (!cgi_csrf_check(csrf_form)) {
 		free(csrf_form);
-		free(body);
 		cgi_error(403);
 		return;
 	}
@@ -78,7 +73,6 @@ handle_cancel(void)
 	char *day = cgi_form_get(body, DATE_KEY);
 	if (day == NULL || *day == '\0') {
 		free(day);
-		free(body);
 		cgi_error_csrf(400);
 		return;
 	}
@@ -86,14 +80,12 @@ handle_cancel(void)
 	if (date_parse(day, &tm) != 0) {
 		fprintf(stderr, "Error parsing date \"%s\"\n", day);
 		free(day);
-		free(body);
 		cgi_error_csrf(400);
 		return;
 	}
 	free(day);
 
 	if (date_is_past(&tm)) {
-		free(body);
 		cgi_error_csrf(400);
 		return;
 	}
@@ -102,7 +94,6 @@ handle_cancel(void)
 
 	/* Get desk from form. */
 	char *desk = cgi_form_get(body, DESK_KEY);
-	free(body);
 	if (desk == NULL || *desk == '\0') {
 		free(desk);
 		cgi_error_csrf(400);