memorypool: better check for value wraps

author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2019-06-13 10:53:31 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2019-06-13 10:53:31 +0300
commit: 2c54092e7e608e6121addbfebbb8c6283de609f8 (patch)
tree: 3bc04c29cb9ddf17b926716db59050cd798e2e84
parent: fd62683c0dc0a16a27fcfc82b43e57ef13ac9a38 (diff)
download: libmicrohttpd-2c54092e7e608e6121addbfebbb8c6283de609f8.tar.gz
libmicrohttpd-2c54092e7e608e6121addbfebbb8c6283de609f8.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/microhttpd/memorypool.c b/src/microhttpd/memorypool.c
index 4a890967..20ab4908 100644
--- a/src/microhttpd/memorypool.c
+++ b/src/microhttpd/memorypool.c
@@ -268,7 +268,7 @@ MHD_pool_reallocate (struct MemoryPool *pool,
  /* Blocks "from the end" must not be reallocated */
  mhd_assert (old == NULL || pool->memory + pool->pos > (uint8_t*)old);
-  if (pool->memory + new_size + 2 * ALIGN_SIZE< pool->memory)
+  if (new_size + 2 * ALIGN_SIZE < new_size)
    return NULL; /* Value wrap, too large new_size. */
  if (0 != old_size)
@@ -278,7 +278,8 @@ MHD_pool_reallocate (struct MemoryPool *pool,
      if (pool->pos == ROUND_TO_ALIGN (old_offset + old_size))
        { /* "old" block is the last allocated block */
          const size_t new_apos = ROUND_TO_ALIGN (old_offset + new_size);
-          if (new_apos > pool->end)
+          if ( (new_apos > pool->end) ||
+               (new_apos < pool->pos) ) /* Value wrap */
            return NULL; /* No space */
          pool->pos = new_apos;
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2019-06-13 10:53:31 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2019-06-13 10:53:31 +0300
commit	2c54092e7e608e6121addbfebbb8c6283de609f8 (patch)
tree	3bc04c29cb9ddf17b926716db59050cd798e2e84
parent	fd62683c0dc0a16a27fcfc82b43e57ef13ac9a38 (diff)
download	libmicrohttpd-2c54092e7e608e6121addbfebbb8c6283de609f8.tar.gz libmicrohttpd-2c54092e7e608e6121addbfebbb8c6283de609f8.zip