From 16ecd6d75bfabb97193581bcc8095652759cdb8e Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Thu, 17 Dec 2015 18:07:19 +0100 Subject: [PATCH] Fix buffer resizing logic in buffer_put_at(). When growing the buffer when it's not big enough for new data, the current size is doubled repeatedly until it is big enough for the new data. The required new size is stored in the variable "required", however the doubling loop exited when the new size was at least buf->used + len, which might be much smaller than "required" if an out-of-order packet is received. --- utcp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utcp.c b/utcp.c index 9bae7b9..13f4658 100644 --- a/utcp.c +++ b/utcp.c @@ -173,7 +173,7 @@ static ssize_t buffer_put_at(struct buffer *buf, size_t offset, const void *data } else { do { newsize *= 2; - } while(newsize < buf->used + len); + } while(newsize < required); } if(newsize > buf->maxsize) newsize = buf->maxsize; -- 2.39.5