potential memory problem in RPC
Derek Atkins
warlord@MIT.EDU
20 Mar 2001 17:14:24 -0500
It may be possible to not allocate enough memory in some cases,
because gncQueryTerm and QueryTerm have different sizes. As a
result, it's possible that not enough space is actually alloc'ed.
This patch will make sure enough space is always alloc'ed for the
conversion.
-derek
Index: src/engine/rpc/RpcUtils.c
===================================================================
RCS file: /home/cvs/cvsroot/gnucash/src/engine/rpc/RpcUtils.c,v
retrieving revision 1.1
diff -u -r1.1 RpcUtils.c
--- src/engine/rpc/RpcUtils.c 2001/03/19 21:49:50 1.1
+++ src/engine/rpc/RpcUtils.c 2001/03/20 22:11:50
@@ -1199,8 +1199,16 @@
case PD_STRING:
PINFO ("BLAH... It's a string. I hope it doesn't have a Regex!");
default:
- term = malloc (sizeof (*term));
- memcpy (term, andlist->qt, sizeof (*term));
+ /* Allocate the right size */
+ if (toRpc) {
+ term = malloc (sizeof (*term));
+ memset (term, 0, sizeof (*term));
+ } else {
+ term = malloc (sizeof (*qt));
+ memset (term, 0, sizeof (*qt));
+ }
+ /* Only copy the smaller size */
+ memcpy (term, andlist->qt, MIN(sizeof (*qt), sizeof(*term)));
}
/* Set the predicate for non-rpc copies */
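Review bot: both branches of the new `if (toRpc)` block pass the result of `malloc` straight to `memset`, and then to `memcpy`, without checking for NULL, so a failed allocation becomes a NULL write. Replacing each `malloc`/`memset` pair with a single `calloc (1, size)` and bailing out when it returns NULL would cover that and shorten the hunk. The `memcpy` of `MIN(sizeof (*qt), sizeof(*term))` bytes is only correct if the two structs share the same leading layout, and in the else branch `term` points at a buffer of `sizeof (*qt)` rather than `sizeof (*term)`; the "Only copy the smaller size" comment should state both assumptions so a later change to either struct does not silently break the conversion.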
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available