1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
From 2600d01373ce04b34f698f3887e90a35c77bda61 Mon Sep 17 00:00:00 2001
From: labath <pavelo@centrum.sk>
Date: Tue, 31 Jan 2017 01:31:09 +0000
Subject: [PATCH] Fix an out-of-range error in new_graph (#356)
The code was multiplying the index with the size of the element, and
then adding it to the typed pointer (resulting in a double
multiplication and an OOB access).
Replace the buggy code with a slightly safer c++ alternative.
---
src/specials.cc | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/specials.cc b/src/specials.cc
index ee941eb..73bd2a2 100644
--- a/src/specials.cc
+++ b/src/specials.cc
@@ -519,14 +519,12 @@ void new_graph(struct text_object *obj, char *buf, int buf_max_size, double val)
DBGP("reallocing graph from %d to %d", s->graph_allocated, s->graph_width);
if (!s->graph) {
/* initialize */
- memset(graph, 0, s->graph_width * sizeof(double));
+ std::fill_n(graph, s->graph_width, 0.0);
s->scale = 100;
} else {
if (s->graph_width > s->graph_allocated) {
/* initialize the new region */
- memset(graph + (s->graph_allocated * sizeof(double)), 0,
- (s->graph_width - s->graph_allocated) *
- sizeof(double));
+ std::fill(graph + s->graph_allocated, graph + s->graph_width, 0.0);
}
}
s->graph = graph;
|
GitWeb
