stream: stop randomly corrupting memory

The intent of the line above the modified one was raising the
amount of read data, so that many stream_peek() calls with small len
values would not degrade performance by effectively turning every
stream_peek() into an unbuffered read call to the stream implementation.
So this confusing looking MPMAX() was correct, but "chunk" could still
get beyond the buffer.

So just fix that and limit "chunk" correctly.

I'm not sure whether the commit referenced below accidentally removed
some intricate guarantee that this couldn't happen, since the code was
around since 2013. It could have relied on TOTAL_BUFFER_SIZE >
STREAM_BUFFER_SIZE. But not sure. I've rewritten all this code in my own
branch a year ago, so who knows.

Fixes: 162e0f5ad9
Fixes: #6948
wm4 2019-09-18 20:47:40 +02:00
parent fa0a905ea0
commit b04ddcdc0b
1 changed files with 2 additions and 1 deletions

@ -402,7 +402,8 @@ struct bstr stream_peek(stream_t *s, int len)
// Fill rest of the buffer.
while (buf_valid < len) {
int chunk = MPMAX(len - buf_valid, STREAM_BUFFER_SIZE);
assert(buf_valid + chunk <= TOTAL_BUFFER_SIZE);
if (buf_valid + chunk > TOTAL_BUFFER_SIZE)
chunk = TOTAL_BUFFER_SIZE - buf_valid;
int read = stream_read_unbuffered(s, &s->buffer[buf_valid], chunk);
if (read == 0)
break; // EOF
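
Review bot: the clamp on chunk replaces the assert outright, so nothing in this loop checks the precondition buf_valid <= TOTAL_BUFFER_SIZE any more; if that ever fails, "chunk = TOTAL_BUFFER_SIZE - buf_valid;" goes negative and is passed straight to stream_read_unbuffered() as the length. Keeping a cheap assert(chunk >= 0) after the clamp would preserve the invariant check the old assert gave. Separately, if len can exceed TOTAL_BUFFER_SIZE (whether it is bounded earlier is not visible in this hunk), the loop reaches buf_valid == TOTAL_BUFFER_SIZE with chunk == 0, and a zero-length read that returns 0 takes the "break; // EOF" path, so a full buffer is indistinguishable from end of stream here; a comment stating that this is intended, or an explicit break on chunk == 0, would make it clear.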