diff options
author | Rich Felker <dalias@aerifal.cx> | 2011-09-04 21:40:42 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2011-09-04 21:40:42 -0400 |
commit | e72ee5786b1f328da131b87388333c2e3a09b7b3 (patch) | |
tree | b50b10ec6edb5fad79386c1cdb6b249a91ba69a3 | |
parent | a7778dae226fbae335383bc92b6cdfccc5ea9f2e (diff) | |
download | musl-e72ee5786b1f328da131b87388333c2e3a09b7b3.tar.gz musl-e72ee5786b1f328da131b87388333c2e3a09b7b3.tar.xz musl-e72ee5786b1f328da131b87388333c2e3a09b7b3.zip |
fix some fmemopen behaviors
read should not be allowed past "current size". append mode should write at "current size", not buffer size. null termination should not be written except when "current size" grows.
-rw-r--r-- | src/stdio/fmemopen.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/stdio/fmemopen.c b/src/stdio/fmemopen.c index e2adfb22..260d2889 100644 --- a/src/stdio/fmemopen.c +++ b/src/stdio/fmemopen.c @@ -23,7 +23,8 @@ fail: static size_t mread(FILE *f, unsigned char *buf, size_t len) { struct cookie *c = f->cookie; - size_t rem = c->size - c->pos; + size_t rem = c->len - c->pos; + if (c->pos > c->len) rem = 0; if (len > rem) { len = rem; f->flags |= F_EOF; @@ -48,13 +49,15 @@ static size_t mwrite(FILE *f, const unsigned char *buf, size_t len) f->wpos = f->wbase; if (mwrite(f, f->wpos, len2) < len2) return 0; } - if (c->mode == 'a') c->pos = c->size; + if (c->mode == 'a') c->pos = c->len; rem = c->size - c->pos; if (len > rem) len = rem; memcpy(c->buf+c->pos, buf, len); c->pos += len; - if (c->pos >= c->len) c->len = c->pos; - c->buf[c->len==c->size ? c->len-1 : c->len] = 0; + if (c->pos >= c->len) { + c->len = c->pos; + c->buf[c->len==c->size ? c->len-1 : c->len] = 0; + } return len; } |