From 80a2c3612aaf43203e27c2c75bf4216cd3a2d9c2 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sat, 13 May 2017 23:44:12 +0800 Subject: fix buf->pos when shrinking --- buffer.c | 1 + 1 file changed, 1 insertion(+) (limited to 'buffer.c') diff --git a/buffer.c b/buffer.c index d646c0e..ec3d883 100644 --- a/buffer.c +++ b/buffer.c @@ -109,6 +109,7 @@ void buf_setlen(buffer* buf, unsigned int len) { dropbear_exit("Bad buf_setlen"); } buf->len = len; + buf->pos = 0; } /* Increment the length of the buffer */ -- cgit v1.2.1 From 388c860fa18affa7674ed9d9cf1a7ee8afed1b25 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sat, 20 May 2017 23:39:01 +0800 Subject: make buf_getstring fail prior to malloc if the buffer is short --- buffer.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'buffer.c') diff --git a/buffer.c b/buffer.c index 0ca50b4..a462374 100644 --- a/buffer.c +++ b/buffer.c @@ -209,6 +209,7 @@ char* buf_getstring(buffer* buf, unsigned int *retlen) { unsigned int len; char* ret; + void* src = NULL; len = buf_getint(buf); if (len > MAX_STRING_LEN) { dropbear_exit("String too long"); @@ -217,8 +218,9 @@ char* buf_getstring(buffer* buf, unsigned int *retlen) { if (retlen != NULL) { *retlen = len; } + src = buf_getptr(buf, len); ret = m_malloc(len+1); - memcpy(ret, buf_getptr(buf, len), len); + memcpy(ret, src, len); buf_incrpos(buf, len); ret[len] = '\0'; -- cgit v1.2.1