On Jun 7, 2011, at 4:03 AM, Nick Mathewson wrote:
On Mon, Jun 6, 2011 at 8:37 PM, Nir Soffer <nirsof@xxxxxxxxx> wrote:

Here's another patch that might make stuff work. Before I'd apply it, I'd like to have a look through everything that's using evbuffer_ptr_set() and evbuffer_ptr right now to make sure that nothing will freak out if it gets a pointer like this. What do you think?
Here is a new test case that fails with this patch:

    /* Search the next 18 bytes for "attack" */
    tt_int_op(evbuffer_ptr_set(buf, &end, 18, EVBUFFER_PTR_SET), ==, 0);
    pos = evbuffer_search_range(buf, "attack", 6, NULL, &end);
    tt_int_op(pos.pos, ==, 11);

The use case is simple - I want to limit the search to some range, which happens to be longer than the buffer. To make this work with this patch, I have to do something like this:

    size_t length = evbuffer_get_length(buf);
    if (limit > length)
        limit = length;
    evbuffer_ptr_set(buf, &end, limit, EVBUFFER_PTR_SET);
    pos = evbuffer_search_range(buf, "needle", 6, NULL, &end);

But what I would like to do is this:

    evbuffer_ptr_set(buf, &end, limit, EVBUFFER_PTR_SET);
    pos = evbuffer_search_range(buf, "needle", 6, NULL, &end);

So evbuffer_ptr_set should succeed even if position is after the end of the buffer.

The attached patch makes it work, but accepts any position, even if it is out of the buffer range.
I did not inspect the code handling these ranges yet - it is possible that such ranges will lead to accessing memory you should not access, if the code was depending on ranges to be always within the buffer.
Attachment:
0003-Allow-evbuffer_ptr-to-point-after-the-buffer-content.patch
Description: Binary data
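
The range clamping discussed in the message above, as an added example that is not part of the original thread and not libevent code: a stand-alone model of a chunked buffer whose range search accepts an end position past the data and clamps it before any byte is read. The names chunk, buf, byte_at, search_range and demo_search, and the sample bytes, are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a chained buffer; not libevent's structures. */
struct chunk { const char *data; size_t len; const struct chunk *next; };
struct buf { const struct chunk *first; size_t total; };

/* Byte at absolute offset off. Caller must guarantee off < b->total,
 * otherwise the walk runs off the end of the chain. */
static char byte_at(const struct buf *b, size_t off)
{
    const struct chunk *c = b->first;
    while (off >= c->len) { off -= c->len; c = c->next; }
    return c->data[off];
}

/* Search [start, end) for needle; returns its offset or -1.
 * end may lie past the data: it is clamped before any byte is read. */
long search_range(const struct buf *b, const char *needle, size_t nlen,
                  size_t start, size_t end)
{
    if (end > b->total)
        end = b->total;           /* the clamp the caller would otherwise do */
    if (nlen == 0 || start > end || end - start < nlen)
        return -1;
    for (size_t i = start; i + nlen <= end; i++) {
        size_t j = 0;
        while (j < nlen && byte_at(b, i + j) == needle[j])
            j++;
        if (j == nlen)
            return (long)i;
    }
    return -1;
}

/* Constructed sample: 17 bytes in two chunks, "attack" at offset 11. */
long demo_search(size_t limit)
{
    static const struct chunk c2 = { "ack", 3, NULL };
    static const struct chunk c1 = { "0123456789 att", 14, &c2 };
    const struct buf b = { &c1, 17 };
    return search_range(&b, "attack", 6, 0, limit);
}

int main(void)
{
    printf("%ld %ld\n", demo_search(18), demo_search(16));
    return 0;
}
```

Without the clamp in search_range, a limit of 18 on this 17-byte sample would let byte_at walk past the last chunk, which is the kind of out-of-range access the message is concerned about.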