Changeset 88057e3 in mainline

Timestamp:

2012-01-23T16:22:40Z (12 years ago)

Author:

Martin Decky <martin@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

a6240a31

Parents:

9d09d7f

Message:

fix a nasty bug that could force loc_get_categories() to go into an infinite loop
note that the the loop is still unbounded, but it should not cause any real trouble

File:

• uspace/lib/c/generic/loc.c (modified) (2 diffs)

uspace/lib/c/generic/loc.c

@@ -795 +795 @@
     sysarg_t **data, size_t *count)
 {
-        service_id_t *ids;
-        size_t act_size;
-        size_t alloc_size;
-        int rc;
-
         *data = NULL;
-        act_size = 0;   /* silence warning */
-
-        rc = loc_category_get_ids_once(method, arg1, NULL, 0,
+        *count = 0;
+        
+        size_t act_size = 0;
+        int rc = loc_category_get_ids_once(method, arg1, NULL, 0,
             &act_size);
         if (rc != EOK)
                 return rc;
-
-        alloc_size = act_size;
-        ids = malloc(alloc_size);
+        
+        size_t alloc_size = act_size;
+        service_id_t *ids = malloc(alloc_size);
         if (ids == NULL)
                 return ENOMEM;
-
+        
         while (true) {
                 rc = loc_category_get_ids_once(method, arg1, ids, alloc_size,
@@ -818 +814 @@
                 if (rc != EOK)
                         return rc;
-
-                if (act_size <= alloc_size)
+                
+                if (alloc_size <= act_size)
                         break;
-
-                alloc_size *= 2;
-                free(ids);
-
-                ids = malloc(alloc_size);
+                
+                alloc_size = act_size;
+                ids = realloc(ids, alloc_size);
                 if (ids == NULL)
                         return ENOMEM;
         }
-
+        
         *count = act_size / sizeof(category_id_t);
         *data = ids;