From 443871a60b935dcd2ca643cf1fde189c9c6540ac Mon Sep 17 00:00:00 2001 From: Jeff Johnston Date: Fri, 16 Mar 2007 21:16:09 +0000 Subject: [PATCH] 2007-03-16 Charles Wilson * libc/argz/argz_insert.c: "before" pointer is invalid after *argz realloc. Compute offset between "before" and *argz, and use it after reallocation instead. --- newlib/ChangeLog | 7 +++++++ newlib/libc/argz/argz_insert.c | 7 +++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/newlib/ChangeLog b/newlib/ChangeLog index df161dcf0..50a5b3727 100644 --- a/newlib/ChangeLog +++ b/newlib/ChangeLog @@ -1,3 +1,10 @@ +2007-03-16 Charles Wilson + + * libc/argz/argz_insert.c: "before" pointer is + invalid after *argz realloc. Compute offset + between "before" and *argz, and use it after + reallocation instead. + 2007-03-16 Eric Blake * libc/stdio64/fseek064.c (_fseeko64_r): Fix reentrancy. diff --git a/newlib/libc/argz/argz_insert.c b/newlib/libc/argz/argz_insert.c index 8a9fb19b2..3ae662116 100644 --- a/newlib/libc/argz/argz_insert.c +++ b/newlib/libc/argz/argz_insert.c @@ -28,13 +28,16 @@ _DEFUN (argz_insert, (argz, argz_len, before, entry), while (before != *argz && before[-1]) before--; + /* delta will always be non-negative, and < *argz_len */ + ptrdiff_t delta = before - *argz; + len = strlen(entry) + 1; if(!(*argz = (char *)realloc(*argz, *argz_len + len))) return ENOMEM; - memmove(before + len, before, *argz + *argz_len - before); - memcpy(before, entry, len); + memmove(*argz + delta + len, *argz + delta, *argz_len - delta); + memcpy(*argz + delta, entry, len); *argz_len += len;
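Review bot: The `realloc` call on the unchanged line of the argz_insert.c hunk still assigns its result straight to `*argz`, so on allocation failure the caller's pointer is overwritten with NULL while `*argz_len` keeps its old value. The original vector is then leaked, and a caller that continues after ENOMEM holds a NULL pointer with a non-zero length. Assigning through a temporary avoids this: `char *tmp = realloc(*argz, *argz_len + len); if (!tmp) return ENOMEM; *argz = tmp;`. The new comment on `delta` states an invariant (non-negative and `< *argz_len`) that presumably rests on a range check of `before` earlier in the function, which is not visible in this hunk; the comment should name that check so the bound on the `memmove` length `*argz_len - delta` can be verified locally. The declaration of `len` and the rest of argz_insert also lie outside the hunk, so whether `*argz_len + len` can wrap before the allocation cannot be judged from here.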