From 352cb74569bc965654a2fbb25f5365dc021c1556 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Fran=C3=A7ois=20Pinard?= Date: Thu, 21 Feb 2008 20:50:21 -0500 Subject: [PATCH] Compute cursor after realloc, revisited --- THANKS | 1 + src/ChangeLog | 3 ++- src/request.c | 8 ++++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/THANKS b/THANKS index f3855ef..88b1db2 100644 --- a/THANKS +++ b/THANKS @@ -57,6 +57,7 @@ Dominique Schmit dschmit@tabarly.saclay.cea.fr Duane Ellis duane@franklin.com http://www.franklin.com Eli Zaretskii eliz@is.elta.co.il +Enrik Berkhan Enrik.Berkhan@planb.de Eric Backus eric_backus@hp.com http://www.wolfenet.com/~ericjb Eric Bischoff eric@caldera.de diff --git a/src/ChangeLog b/src/ChangeLog index a5c8bf3..c941fcc 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -28,10 +28,11 @@ * Makefile.am: Replace lib_LTLIBRARIES by noinst_LIBRARIES. Replace librecode.la by libcode.a and librecode_la by librecode_a. -2001-10-08 Andreas Schwab +2001-10-08 François Pinard * request.c (guarantee_nul_terminator): Fix bound computation for realloc. + Reported by Andreas Schwab and Enrik Berkhan. 2001-07-01 Bruno Haible diff --git a/src/request.c b/src/request.c index 4643c31..3e995db 100644 --- a/src/request.c +++ b/src/request.c @@ -1073,13 +1073,13 @@ guarantee_nul_terminator (RECODE_TASK task) if (task->output.cursor + 4 >= task->output.limit) { RECODE_OUTER outer = task->request->outer; - size_t size = task->output.cursor + 4 - task->output.buffer; + size_t size = task->output.cursor - task->output.buffer; /* FIXME: Rethink about how the error should be reported. */ - if (REALLOC (task->output.buffer, size, char)) + if (REALLOC (task->output.buffer, size + 4, char)) { - task->output.cursor = task->output.buffer + size - 4; - task->output.limit = task->output.buffer + size; + task->output.cursor = task->output.buffer + size; + task->output.limit = task->output.buffer + size + 4; } } task->output.cursor[0] = NUL; -- 2.50.1