From 4effc29fb1c33a87a8d386de39c20d36a6956645 Mon Sep 17 00:00:00 2001
From: Avneesh Sachdev <avneesh@opensourcerouting.org>
Date: Sat, 5 May 2012 17:42:43 -0700
Subject: lib: improve sanity checks in stream_set_endp()

  * lib/stream.c: (stream_set_endp) Add checks to make sure that the
    supplied 'endp' is within the 'size' of the stream, and that the
    current read pointer 'getp' is not beyond the specified 'endp'.
---
 lib/stream.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'lib/stream.c')

diff --git a/lib/stream.c b/lib/stream.c
index b226a25e..ee2920e6 100644
--- a/lib/stream.c
+++ b/lib/stream.c
@@ -219,13 +219,23 @@ stream_set_endp (struct stream *s, size_t pos)
 {
   STREAM_VERIFY_SANE(s);
 
-  if (!GETP_VALID (s, pos))
+  if (!ENDP_VALID(s, pos))
     {
       STREAM_BOUND_WARN (s, "set endp");
-      pos = s->endp;
+      return;
+    }
+
+  /*
+   * Make sure the current read pointer is not beyond the new endp.
+   */
+  if (s->getp > pos)
+    {
+      STREAM_BOUND_WARN(s, "set endp");
+      return;
     }
 
   s->endp = pos;
+  STREAM_VERIFY_SANE(s);
 }
 
 /* Forward pointer. */
-- 
cgit v1.2.1