[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
fix buffer overrun in getdelim with lines longer than 2 GiB
|
From: |
Paul Eggert |
|
Subject: |
fix buffer overrun in getdelim with lines longer than 2 GiB |
|
Date: |
Sun, 02 Oct 2005 15:51:45 -0700 |
|
User-agent: |
Gnus/5.1007 (Gnus v5.10.7) Emacs/21.4 (gnu/linux) |
I installed this patch to fix a buffer overrun in getdelim with lines
longer than 2 GiB on 64-bit hosts. It also incorporates recent
changes to gnulib; I'll propose that this be merged back into gnulib.
2005-10-02 Paul Eggert <address@hidden>
* getdelim.c: Import from gnulib (to fix unused var warnings) then
apply the following fixes:
Include getdelim.h first. Include <limits.h>.
(SSIZE_MAX): New macro, if not already defined.
(getdelim): Fix buffer overrun on 64-bit hosts with lines longer
than 2 GiB.
--- lib/getdelim.c 22 Sep 2005 06:22:44 -0000 1.1
+++ lib/getdelim.c 2 Oct 2005 22:48:34 -0000
@@ -23,11 +23,15 @@
# include <config.h>
#endif
+#include "getdelim.h"
+
+#include <limits.h>
#include <stdlib.h>
#include <errno.h>
-#include "getdelim.h"
-
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
+#endif
#if !HAVE_FLOCKFILE
# undef flockfile
# define flockfile(x) ((void) 0)
@@ -46,9 +50,8 @@
ssize_t
getdelim (char **lineptr, size_t *n, int delimiter, FILE *fp)
{
- int result = 0;
- ssize_t cur_len = 0;
- ssize_t len;
+ ssize_t result;
+ size_t cur_len = 0;
if (lineptr == NULL || n == NULL || fp == NULL)
{
@@ -71,23 +74,26 @@ getdelim (char **lineptr, size_t *n, int
for (;;)
{
- char *t;
int i;
i = getc (fp);
if (i == EOF)
- {
- result = -1;
- break;
- }
+ {
+ result = -1;
+ break;
+ }
/* Make enough space for len+1 (for final NUL) bytes. */
if (cur_len + 1 >= *n)
{
- size_t needed = 2 * (cur_len + 1) + 1; /* Be generous. */
+ size_t needed_max =
+ SSIZE_MAX < SIZE_MAX ? (size_t) SSIZE_MAX + 1 : SIZE_MAX;
+ size_t needed = 2 * *n + 1; /* Be generous. */
char *new_lineptr;
- if (needed < cur_len)
+ if (needed_max < needed)
+ needed = needed_max;
+ if (cur_len + 1 >= needed)
{
result = -1;
goto unlock_return;
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- fix buffer overrun in getdelim with lines longer than 2 GiB,
Paul Eggert <=