diff options
author | Krisztian Litkey <krisztian.litkey@nokia.com> | 2010-11-25 18:12:34 +0200 |
---|---|---|
committer | Krisztian Litkey <krisztian.litkey@nokia.com> | 2010-11-25 18:12:34 +0200 |
commit | f81a38022bcd2ee96833510493dccfa48dc69d1d (patch) | |
tree | d5c69c07f1899257e51a55dfacd49f931f27d8c1 | |
parent | 400729533ff2fc7c20f39e441638d234f76c6fe2 (diff) |
Don't crash on long input.
-rw-r--r-- | client/client.c | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/client/client.c b/client/client.c index 5cc9cfe..f9b1184 100644 --- a/client/client.c +++ b/client/client.c @@ -71,7 +71,8 @@ typedef struct { GIOChannel *chan; guint evsrc; int accept; - char buf[256]; + char *buf; + int buf_size; int len; /* buffer length */ } input_t; @@ -223,9 +224,29 @@ static void create_input(void) if ((input.chan = g_io_channel_unix_new(0)) == NULL) print_error("Failed to create input"); + input.buf_size = 256; + input.buf = malloc(input.buf_size); + + if (input.buf == NULL) + print_error("Failed to allocate input buffer"); + + memset(input.buf, 0, input.buf_size); + input.evsrc = g_io_add_watch(input.chan, cond, input_cb, NULL); } + +static void resize_input(void) +{ + input.buf = realloc(input.buf, input.buf_size * 2); + + if (input.buf == NULL) + print_error("Failed to grow buffer to %d bytes", 2 * input.buf_size); + + memset(input.buf + input.buf_size, 0, input.buf_size); + input.buf_size *= 2; +} + static void destroy_input(void) { g_source_remove(input.evsrc); @@ -447,12 +468,13 @@ static gboolean input_cb(GIOChannel *ch, GIOCondition cond, gpointer data) if (cond == G_IO_IN) { if (!input.accept) { + errno = 0; while (read(0, ignore, sizeof(ignore)) > 0 || errno == EINTR) ; } else { - while ((rest = sizeof(input.buf) - input.len) > 0) { - + while ((rest = input.buf_size - input.len) > 0) { + errno = 0; if ((junk = read(0, input.buf + input.len, rest)) < 0) { if (errno == EAGAIN) break; @@ -464,6 +486,9 @@ static gboolean input_cb(GIOChannel *ch, GIOCondition cond, gpointer data) } input.len += junk; + + if (input.len == input.buf_size) + resize_input(); } lincnt = 0; |