From 8b3f0f3f69a393151252d7f2211c9a15ae6cb456 Mon Sep 17 00:00:00 2001 From: Paul Fertser Date: Tue, 10 Sep 2013 15:14:56 +0400 Subject: [PATCH] svf: off-by-one error; do not access after the allocated memory Keep the promise and ensure there're at least 3 bytes available after the current position. This eliminates the errors reported by Valgrind. Change-Id: I1d0640e904c750eed808b2b4caf419b4d7619845 Signed-off-by: Paul Fertser Reviewed-on: http://openocd.zylin.com/1615 Tested-by: jenkins Reviewed-by: Peter Stuge --- src/svf/svf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/svf/svf.c b/src/svf/svf.c index 69f75ac79..3e7bfbf20 100644 --- a/src/svf/svf.c +++ b/src/svf/svf.c @@ -642,8 +642,9 @@ static int svf_read_command_from_file(FILE *fd) * - added space. * - terminating NUL ('\0') */ - if ((cmd_pos + 2) >= svf_command_buffer_size) { - svf_command_buffer = realloc(svf_command_buffer, (cmd_pos + 2)); + if (cmd_pos + 3 > svf_command_buffer_size) { + svf_command_buffer = realloc(svf_command_buffer, cmd_pos + 3); + svf_command_buffer_size = cmd_pos + 3; if (svf_command_buffer == NULL) { LOG_ERROR("not enough memory"); return ERROR_FAIL;