On Sun, Sep 09, 2007 at 10:30:38PM +0000, Junio C Hamano wrote: > Pierre Habouzit <madcoder@xxxxxxxxxx> writes: > > > @@ -89,14 +86,13 @@ unsigned long interpolate(char *result, unsigned long reslen, > > } > > } > > /* Straight copy one non-interpolation character. */ > > + if (newlen < reslen) > > *dest++ = *src; > > src++; > > newlen++; > > } > > > > + if (reslen > 0) > > + *dest = '\0'; > > + return newlen; > > } > > Are you sure about this *dest = '\0' assignment? Shouldn't it > be done only when "(newlen < reslen)" just like the straight > copy and substitution cases? Actually no, this test is the proper one, I should have kept the " + 1" in the previous ones though so that we never append a char to a buffer that has less than 2 octets available in it. When we exit the loop, newlen is the length the result would occupy if there was enough space. So when there is an overflow, there is _no_ way that newlen < reslen. The sole thing we have to care about is: did the buffer had even enough space for the ending NUL or not, supposing that the previous loop tried hard to keep that room for us. So this test is correct, the ones I changed in the loop are not. I'll fix that. -- ·O· Pierre Habouzit ··O madcoder@xxxxxxxxxx OOO http://www.madism.org
Attachment:
pgp69wY2a60jP.pgp
Description: PGP signature
