On Tue, Oct 07, 2003 at 12:59:31AM +0300, Timo Sirainen wrote: > On Sun, 2003-10-05 at 02:56, Wayne Davison wrote: > > On Sat, Oct 04, 2003 at 11:38:48PM +0300, Timo Sirainen wrote: > > > for (i=0; i < (int) s->count;i++) { > > > > Yeah, that's pretty bad. Attached is a patch that should fix this and a > > number of other related problems where the code assumed that size_t > > would fit into an int. > > The main problem wasn't int vs. size_t. malloc() call would have > overflowed even if i had been size_t.
Wayne was addressing the type inconsistency which you had brought up as a second point. > Included a patch that fixes all the potential malloc()/realloc() > overflows that I found. I'd feel a bit safer with them included :) Looks mostly OK. Some nits: Always put whitespace around operators, "INT_MAX - 4" not "INT_MAX-4". INT_MAX is probably incorrect. UINT_MAX is closer but don't count on 32bit ints or that size_t == uint32. When on a 64bit system size_t won't wrap on us so we don't want to impose an arbitrary limit. If the patch is an attachment use text/plain not some other mime-type. -- ________________________________________________________________ J.W. Schultz Pegasystems Technologies email address: [EMAIL PROTECTED] Remember Cernan and Schmitt -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html