From f2b4e4e07e7e2eae064d8e9f54f86f32a297bade Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Tue, 16 Sep 2003 03:31:03 +0000 Subject: - deraadt@cvs.openbsd.org 2003/09/16 03:03:47 [buffer.c] do not expand buffer before attempting to reallocate it; markus ok --- ChangeLog | 9 +++++++-- buffer.c | 13 ++++++++----- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 98f7cd5b..93d88a51 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,12 @@ 20030916 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it - eg Solaris, Reliant Unix. Patch from Robert.Dahlem at siemens.com. ok djm@ + (eg Solaris, Reliant Unix). Patch from Robert.Dahlem at siemens.com. + ok djm@ + - (bal) OpenBSD Sync + - deraadt@cvs.openbsd.org 2003/09/16 03:03:47 + [buffer.c] + do not expand buffer before attempting to reallocate it; markus ok 20030914 - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing @@ -1098,4 +1103,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2993 2003/09/16 03:24:50 dtucker Exp $ +$Id: ChangeLog,v 1.2994 2003/09/16 03:31:03 mouring Exp $ diff --git a/buffer.c b/buffer.c index ad04b267..8ff8c2f4 100644 --- a/buffer.c +++ b/buffer.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.17 2003/09/16 03:03:47 deraadt Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -69,6 +69,7 @@ buffer_append(Buffer *buffer, const void *data, u_int len) void * buffer_append_space(Buffer *buffer, u_int len) { + u_int newlen; void *p; if (len > 0x100000) @@ -98,11 +99,13 @@ restart: goto restart; } /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - if (buffer->alloc > 0xa00000) + + newlen = buffer->alloc + len + 32768; + if (newlen > 0xa00000) fatal("buffer_append_space: alloc %u not supported", - buffer->alloc); - buffer->buf = xrealloc(buffer->buf, buffer->alloc); + newlen); + buffer->buf = xrealloc(buffer->buf, newlen); + buffer->alloc = newlen; goto restart; /* NOTREACHED */ } -- cgit v1.2.1