Bugzilla – Attachment 1117 Details for
Bug 1131
buffer_append_space: alloc not supported Error with V 4.2p1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Revised diff
buffer-check-len2.diff (text/plain), 4.07 KB, created by
Damien Miller
on 2006-04-05 12:37:09 AEST
(
hide
)
Description:
Revised diff
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2006-04-05 12:37:09 AEST
Size:
4.07 KB
patch
obsolete
>Index: buffer.c >=================================================================== >RCS file: /var/cvs/openssh/buffer.c,v >retrieving revision 1.26 >diff -u -p -r1.26 buffer.c >--- buffer.c 26 Mar 2006 03:24:49 -0000 1.26 >+++ buffer.c 5 Apr 2006 02:30:16 -0000 >@@ -18,6 +18,10 @@ > #include "buffer.h" > #include "log.h" > >+#define BUFFER_MAX_CHUNK 0x100000 >+#define BUFFER_MAX_LEN 0xa00000 >+#define BUFFER_ALLOCSZ 0x008000 >+ > /* Initializes the buffer structure. */ > > void >@@ -66,6 +70,23 @@ buffer_append(Buffer *buffer, const void > memcpy(p, data, len); > } > >+static int >+buffer_compact(Buffer *buffer) >+{ >+ /* >+ * If the buffer is quite empty, but all data is at the end, move the >+ * data to the beginning. >+ */ >+ if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) { >+ memmove(buffer->buf, buffer->buf + buffer->offset, >+ buffer->end - buffer->offset); >+ buffer->end -= buffer->offset; >+ buffer->offset = 0; >+ return (1); >+ } >+ return (0); >+} >+ > /* > * Appends space to the buffer, expanding the buffer if necessary. This does > * not actually copy the data into the buffer, but instead returns a pointer >@@ -93,20 +114,13 @@ restart: > buffer->end += len; > return p; > } >- /* >- * If the buffer is quite empty, but all data is at the end, move the >- * data to the beginning and retry. >- */ >- if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) { >- memmove(buffer->buf, buffer->buf + buffer->offset, >- buffer->end - buffer->offset); >- buffer->end -= buffer->offset; >- buffer->offset = 0; >+ >+ /* Compact data back to the start of the buffer if necessary */ >+ if (buffer_compact(buffer)) > goto restart; >- } >- /* Increase the size of the buffer and retry. */ > >- newlen = buffer->alloc + len + 32768; >+ /* Increase the size of the buffer and retry. */ >+ newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ); > if (newlen > BUFFER_MAX_LEN) > fatal("buffer_append_space: alloc %u not supported", > newlen); >@@ -114,6 +128,27 @@ restart: > buffer->alloc = newlen; > goto restart; > /* NOTREACHED */ >+} >+ >+/* >+ * Check whether an allocation of 'len' will fit in the buffer >+ * This must follow the same math as buffer_append_space >+ */ >+int >+buffer_check_alloc(Buffer *buffer, u_int len) >+{ >+ if (buffer->offset == buffer->end) { >+ buffer->offset = 0; >+ buffer->end = 0; >+ } >+ restart: >+ if (buffer->end + len < buffer->alloc) >+ return (1); >+ if (buffer_compact(buffer)) >+ goto restart; >+ if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN) >+ return (1); >+ return (0); > } > > /* Returns the number of bytes of data in the buffer. */ >Index: buffer.h >=================================================================== >RCS file: /var/cvs/openssh/buffer.h,v >retrieving revision 1.14 >diff -u -p -r1.14 buffer.h >--- buffer.h 26 Mar 2006 03:30:01 -0000 1.14 >+++ buffer.h 4 Apr 2006 00:39:16 -0000 >@@ -23,9 +23,6 @@ typedef struct { > u_int end; /* Offset of last byte containing data. */ > } Buffer; > >-#define BUFFER_MAX_CHUNK 0x100000 >-#define BUFFER_MAX_LEN 0xa00000 >- > void buffer_init(Buffer *); > void buffer_clear(Buffer *); > void buffer_free(Buffer *); >@@ -35,6 +32,8 @@ void *buffer_ptr(Buffer *); > > void buffer_append(Buffer *, const void *, u_int); > void *buffer_append_space(Buffer *, u_int); >+ >+int buffer_check_alloc(Buffer *, u_int); > > void buffer_get(Buffer *, void *, u_int); > >Index: channels.c >=================================================================== >RCS file: /var/cvs/openssh/channels.c,v >retrieving revision 1.228 >diff -u -p -r1.228 channels.c >--- channels.c 31 Mar 2006 12:11:44 -0000 1.228 >+++ channels.c 5 Apr 2006 02:30:36 -0000 >@@ -747,12 +747,10 @@ channel_pre_open(Channel *c, fd_set *rea > { > u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); > >- /* check buffer limits */ >- limit = MIN(limit, (BUFFER_MAX_LEN - BUFFER_MAX_CHUNK - CHAN_RBUF)); >- > if (c->istate == CHAN_INPUT_OPEN && > limit > 0 && >- buffer_len(&c->input) < limit) >+ buffer_len(&c->input) < limit && >+ buffer_check_alloc(&c->input, CHAN_RBUF)) > FD_SET(c->rfd, readset); > if (c->ostate == CHAN_OUTPUT_OPEN || > c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1117">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1131
:
1071
|
1072
|
1092
|
1095
|
1100
|
1103
|
1113
|
1114
|
1115
|
1116
| 1117