Re: [PATCH v2] unit: Use g_memdup replacing g_malloc0+memcpy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Bharat,

On Monday 01 of June 2015 16:14:34 Bharat Panda wrote:
> Replace use of g_malloc0+memcpy with g_memdup.
> ---
>  unit/test-gattrib.c | 3 +--
>  unit/test-sdp.c     | 4 +---
>  2 files changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/unit/test-gattrib.c b/unit/test-gattrib.c
> index 416e596..d9c52d7 100644
> --- a/unit/test-gattrib.c
> +++ b/unit/test-gattrib.c
> @@ -224,8 +224,7 @@ static void result_canary(guint8 status, const guint8
> *pdu, guint16 len, struct result_data *result = data;
> 
>  	result->status = status;
> -	result->pdu = g_malloc0(len);
> -	memcpy(result->pdu, pdu, len);
> +	result->pdu = g_memdup(pdu, len);
>  	result->len = len;
> 
>  	if (g_test_verbose())
> diff --git a/unit/test-sdp.c b/unit/test-sdp.c
> index b4ef4d1..9d716d8 100644
> --- a/unit/test-sdp.c
> +++ b/unit/test-sdp.c
> @@ -189,9 +189,7 @@ static gboolean send_pdu(gpointer user_data)
> 
>  	pdu_len = req_pdu->raw_size + context->cont_size;
> 
> -	buf = g_malloc0(pdu_len);
> -
> -	memcpy(buf, req_pdu->raw_data, req_pdu->raw_size);
> +	buf = g_memdup(req_pdu->raw_data, pdu_len);

This is still not correct. If context->cont_size > 0 you will read from 
invalid memory after req_pdu->raw_data buffer ends.

g_memdup just doesn't fit here.

> 
>  	if (context->cont_size > 0)
>  		memcpy(buf + req_pdu->raw_size, context->cont_data,

-- 
BR
Szymon Janc
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux