diff buffer.c @ 21:ae4128d16c92

Improve security and FIXED size buffer
author David Demelier <markand@malikania.fr>
date Fri, 09 Sep 2011 17:32:53 +0200
parents 520939b40002
children 904a373aa120
--- a/buffer.c	Fri Sep 09 01:15:25 2011 +0200
+++ b/buffer.c	Fri Sep 09 17:32:53 2011 +0200
@@ -64,10 +64,10 @@
 	if (buffer_grow(buf, length) < 0)
 		return -1;
 
-	if (buf->flags & BUFFER_FIXED)
+	if (!(buf->flags & BUFFER_AUTO))
 		length = buf->size - buf->length - 1;
 
-	strncat(buf->data, str, length);
+	strncpy(buf->data + buf->length, str, length);
 	buf->length = strlen(buf->data);
 
 	return 0;
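Review bot: The new `strncpy` call does not write a terminator when `str` is at least `length` bytes long, yet the next line runs `strlen(buf->data)` over the result. For a non-AUTO buffer `length` becomes the whole remaining space, so termination then depends on `buf->data[buf->size - 1]` already being zero, which nothing in this hunk guarantees (the last hunk also moves the `memset` into the AUTO branch). I would terminate explicitly and avoid rescanning the whole buffer: `buf->data[buf->length + length] = '\0';` followed by `buf->length += strlen(buf->data + buf->length);`. The function starts outside the hunk, so the type and origin of `length` are assumed from the `buffer_grow(buf, length)` call.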
@@ -83,6 +83,9 @@
 	if (buffer_grow(buf, 1) < 0)
 		return -1;
 
+	if (!(buf->flags & BUFFER_AUTO) && buf->size - buf->length - 1 <= 2)
+		return -1;
+
 	buf->data[buf->length++]	= c;
 	buf->data[buf->length]		= '\0';
 
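Review bot: The added guard uses a different bound from the other two append paths: it rejects when `buf->size - buf->length - 1 <= 2`, although storing `c` plus the terminator only needs `buf->length + 2 <= buf->size`, so a fixed buffer refuses single characters while usable bytes remain. The hunks at `-64` and `-100` treat `buf->size - buf->length - 1` as the free space, so the three paths disagree on when a fixed buffer is full. If the fields are unsigned (their declarations are not visible here), the subtraction wraps once `length` reaches `size`, which turns this guard and the one at `-100` into no-ops and makes the `length` computed at `-64` huge. An additive form avoids both problems: `if (!(buf->flags & BUFFER_AUTO) && buf->length + 2 > buf->size) return -1;`. The function body starts outside the hunk.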
@@ -100,7 +103,7 @@
 		return -1;
 
 	/* Do not truncate void pointer */
-	if (buf->flags & BUFFER_FIXED && size > (buf->size - buf->length - 1))
+	if (!(buf->flags & BUFFER_AUTO) && size > (buf->size - buf->length - 1))
 		return -1;
 
 	memcpy(buf->data + buf->length, data, size);
@@ -232,17 +235,15 @@
 
 	if (buf->flags & BUFFER_AUTO) {
 		newlen = buf->size;
-		while (newlen - buf->length - 1 < needed)
+		while (newlen - buf->length - 1 <= needed)
 			newlen += buf->bsize;
 
-		if (!(buf->data = realloc(buf->data, buf->size)))
+		if (!(buf->data = realloc(buf->data, newlen)))
 			return -1;
 
 		buf->size = newlen;
-	} else
-		return (buf->bsize == buf->length) ? -1 : 0;
-
-	memset(buf->data + buf->length, 0, buf->size - buf->length);
+		memset(buf->data + buf->length, 0, buf->size - buf->length);
+	}
 
 	return 0;
 }
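Review bot: Assigning the result of `realloc` straight to `buf->data` loses the old block when the call fails: the memory leaks and the buffer keeps its old `size` and `length` with a NULL `data`, so a later append writes through NULL. Keep the old pointer until the call succeeds: `void *tmp = realloc(buf->data, newlen);`, `if (tmp == NULL) return -1;`, `buf->data = tmp;`. The `newlen += buf->bsize` loop also never ends if `bsize` is 0 and can wrap for a very large `needed`; whether either is reachable depends on code outside this hunk. The function starts above the hunk.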