buffer.c: guard against bad input

The byte limit would be hit if adding one byte to a buffer
that's half the limit, due to the temporary double copy.
Not sure if that's something that's worth changing.
This commit is contained in:
Vincent Penquerc'h 2013-12-28 06:22:49 -05:00 committed by Marek Marczykowski-Górecki
parent 7f2ac22d49
commit 9192aa041d

View File

@ -69,8 +69,16 @@ we keep them so simple to make them obviously correct.
void buffer_append(struct buffer *b, char *data, int len)
{
int newsize = len + b->buflen;
char *qdata = limited_malloc(len + b->buflen);
int newsize;
char *qdata;
if (len < 0 || len > BUFFER_LIMIT) {
fprintf(stderr, "buffer_append %d\n", len);
exit(1);
}
if (len == 0)
return;
newsize = len + b->buflen;
qdata = limited_malloc(len + b->buflen);
memcpy(qdata, b->data, b->buflen);
memcpy(qdata + b->buflen, data, len);
buffer_free(b);
@ -80,9 +88,17 @@ void buffer_append(struct buffer *b, char *data, int len)
void buffer_remove(struct buffer *b, int len)
{
int newsize = b->buflen - len;
char *qdata = limited_malloc(newsize);
int newsize;
char *qdata = NULL;
if (len < 0 || len > b->buflen) {
fprintf(stderr, "buffer_remove %d/%d\n", len, b->buflen);
exit(1);
}
newsize = b->buflen - len;
if (newsize > 0) {
qdata = limited_malloc(newsize);
memcpy(qdata, b->data + len, newsize);
}
buffer_free(b);
b->buflen = newsize;
b->data = qdata;