From: Eric Haszlakiewicz Date: Tue, 3 Apr 2012 19:54:25 +0000 (-0500) Subject: Fix some bugs with how buffer sizes were being calcuated in printbuf_memset and an... X-Git-Tag: json-c-0.10-20120530~19 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0d79b534568f609a9444c3466ae1f5a2864f702f;p=json-c Fix some bugs with how buffer sizes were being calcuated in printbuf_memset and an off-by-one error in printbuf_memappend. --- diff --git a/printbuf.c b/printbuf.c index b4f7955..b951c7b 100644 --- a/printbuf.c +++ b/printbuf.c @@ -47,6 +47,14 @@ struct printbuf* printbuf_new(void) } +/** + * Extend the buffer p so it has a size of at least min_size. + * + * If the current size is large enough, nothing is changed. + * + * Note: this does not check the available space! The caller + * is responsible for performing those calculations. + */ static int printbuf_extend(struct printbuf *p, int min_size) { char *t; @@ -55,11 +63,11 @@ static int printbuf_extend(struct printbuf *p, int min_size) if (p->size >= min_size) return 0; - new_size = json_max(p->size * 2, p->bpos + min_size + 8); + new_size = json_max(p->size * 2, min_size + 8); #ifdef PRINTBUF_DEBUG MC_DEBUG("printbuf_memappend: realloc " - "bpos=%d wrsize=%d old_size=%d new_size=%d\n", - p->bpos, size, p->size, new_size); + "bpos=%d min_size=%d old_size=%d new_size=%d\n", + p->bpos, min_size, p->size, new_size); #endif /* PRINTBUF_DEBUG */ if(!(t = (char*)realloc(p->buf, new_size))) return -1; @@ -70,8 +78,8 @@ static int printbuf_extend(struct printbuf *p, int min_size) int printbuf_memappend(struct printbuf *p, const char *buf, int size) { - if(p->size - p->bpos <= size) { - if (printbuf_extend(p, size) < 0) + if (p->size <= p->bpos + size + 1) { + if (printbuf_extend(p, p->bpos + size + 1) < 0) return -1; } memcpy(p->buf + p->bpos, buf, size); @@ -87,7 +95,7 @@ int printbuf_memset(struct printbuf *pb, int offset, int charvalue, int len) if (offset == -1) offset = pb->bpos; size_needed = offset + len; - if(pb->size - pb->bpos <= size_needed) + if (pb->size < size_needed) { if (printbuf_extend(pb, size_needed) < 0) return -1;