On Tue, Jun 7, 2011 at 16:30, Nir Soffer <nir...@gmail.com> wrote: > > On Jun 7, 2011, at 4:03 AM, Nick Mathewson wrote: > >> On Mon, Jun 6, 2011 at 8:37 PM, Nir Soffer <nir...@gmail.com> wrote: >> Here's another patch that might make stuff work. Before I'd apply it, >> I'd like to have a look through everything that's using >> evbuffer_ptr_set() and evbuffer_ptr right now to make sure that >> nothing will freak out if it gets a pointer like this. >> >> What do you think? > > Here is a new test case that fail with this patch: > > /* Search the next 18 bytes for "attack" */ > tt_int_op(evbuffer_ptr_set(buf, &end, 18, EVBUFFER_PTR_SET), ==, 0); > pos = evbuffer_search_range(buf, "attack", 6, NULL, &end); > tt_int_op(pos.pos, ==, 11); > > The use case is simple - I want to limit the search to some range, which > happen to be longer then the buffer. To make this work with this patch, I > have to do something like this: > > size_t length = evbuffer_get_length(buf); > > if (limit > length) > limit = length; > > evbuffer_ptr_set(buf, &end, limit, EVBUFFER_PTR_SET); > pos = evbuffer_search_range(buf, "needle", 6, NULL, &end); > > But what I would like to do is this: > > evbuffer_ptr_set(buf, &end, limit, EVBUFFER_PTR_SET); > pos = evbuffer_search_range(buf, "needle", 6, NULL, &end); > > So evebuffer_ptr_set should succeed even if position is after the end of the > buffer; > > The attached patch make it work, but accepting any position, even if it out > of the buffer range. > > I did not inspect the code handling these ranges yet - it is possible that > such ranges will lead to accessing memory you should not access, if the code > was depending on ranges to be always within the buffer.
How these changes expected to affect evbuffer_read(), evbuffer_write() and like functions? -- Andrew W. Nosenko <andrew.w.nose...@gmail.com> *********************************************************************** To unsubscribe, send an e-mail to majord...@freehaven.net with unsubscribe libevent-users in the body.
