55 lines
1.6 KiB
Diff
55 lines
1.6 KiB
Diff
From 49923ccb2143e36850bcdeb781e2bcdf5ce22f15 Mon Sep 17 00:00:00 2001
|
|
From: John Hawthorn <john@hawthorn.email>
|
|
Date: Wed, 2 Mar 2022 14:17:59 -0800
|
|
Subject: [PATCH] Check need < buf->used
|
|
|
|
We're guaranteed a power of 2 so that this becomes 0, but we might as
|
|
well use a check for overflow that works in more cases.
|
|
|
|
Unsigned integer overflow is defined behaviour, so this should be safe.
|
|
|
|
(cherry picked from commit 36410d536b676e836637bb20574a56ebc920eb83)
|
|
---
|
|
src/yajl_buf.c | 9 +++++++--
|
|
1 file changed, 7 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/yajl_buf.c b/src/yajl_buf.c
|
|
index 1aeafde0..8bd1bea7 100644
|
|
--- a/src/yajl_buf.c
|
|
+++ b/src/yajl_buf.c
|
|
@@ -30,7 +30,7 @@ struct yajl_buf_t {
|
|
};
|
|
|
|
static
|
|
-void yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
|
+int yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
|
{
|
|
size_t need;
|
|
|
|
@@ -46,11 +46,15 @@ void yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
|
need = buf->len;
|
|
|
|
while (want >= (need - buf->used)) need <<= 1;
|
|
+ if (need < buf->used) {
|
|
+ return -1;
|
|
+ }
|
|
|
|
if (need != buf->len) {
|
|
buf->data = (unsigned char *) YA_REALLOC(buf->alloc, buf->data, need);
|
|
buf->len = need;
|
|
}
|
|
+ return 0;
|
|
}
|
|
|
|
yajl_buf yajl_buf_alloc(yajl_alloc_funcs * alloc)
|
|
@@ -70,7 +74,8 @@ void yajl_buf_free(yajl_buf buf)
|
|
|
|
void yajl_buf_append(yajl_buf buf, const void * data, size_t len)
|
|
{
|
|
- yajl_buf_ensure_available(buf, len);
|
|
+ if (yajl_buf_ensure_available(buf, len))
|
|
+ return;
|
|
if (len > 0) {
|
|
assert(data != NULL);
|
|
memcpy(buf->data + buf->used, data, len);
|