Mercurial > dropbear

diff packet.c @ 1062:210982935887 coverity

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge
author Matt Johnston <matt@ucc.asn.au>
date Mon, 02 Mar 2015 21:17:41 +0800
parents 16584026a1f0
children 686cd3e8e13e
line wrap: on
line diff
--- a/packet.c	Sat Feb 28 23:25:16 2015 +0800
+++ b/packet.c	Mon Mar 02 21:17:41 2015 +0800
@@ -257,7 +257,7 @@
 	}
 
 	if (len > ses.readbuf->size) {
-		buf_resize(ses.readbuf, len);		
+		ses.readbuf = buf_resize(ses.readbuf, len);		
 	}
 	buf_setlen(ses.readbuf, len);
 	buf_setpos(ses.readbuf, blocksize);
@@ -314,18 +314,21 @@
 	if (is_compress_recv()) {
 		/* decompress */
 		ses.payload = buf_decompress(ses.readbuf, len);
+		buf_setpos(ses.payload, 0);
+		ses.payload_beginning = 0;
+		buf_free(ses.readbuf);
 	} else 
 #endif
 	{
+		ses.payload = ses.readbuf;
+		ses.payload_beginning = ses.payload->pos;
+		buf_setlen(ses.payload, ses.payload->pos + len);
 		/* copy payload */
-		ses.payload = buf_new(len);
-		memcpy(ses.payload->data, buf_getptr(ses.readbuf, len), len);
-		buf_incrlen(ses.payload, len);
+		//ses.payload = buf_new(len);
+		//memcpy(ses.payload->data, buf_getptr(ses.readbuf, len), len);
+		//buf_incrlen(ses.payload, len);
 	}
-
-	buf_free(ses.readbuf);
 	ses.readbuf = NULL;
-	buf_setpos(ses.payload, 0);
 
 	ses.recvseq++;
 
@@ -398,7 +401,7 @@
 				dropbear_exit("bad packet, oversized decompressed");
 			}
 			new_size = MIN(RECV_MAX_PAYLOAD_LEN, ret->size + ZLIB_DECOMPRESS_INCR);
-			buf_resize(ret, new_size);
+			ret = buf_resize(ret, new_size);
 		}
 	}
 }
@@ -637,7 +640,8 @@
 
 #ifndef DISABLE_ZLIB
 /* compresses len bytes from src, outputting to dest (starting from the
- * respective current positions. */
+ * respective current positions. dest must have sufficient space,
+ * len+ZLIB_COMPRESS_EXPANSION */
 static void buf_compress(buffer * dest, buffer * src, unsigned int len) {
 
 	unsigned int endpos = src->pos + len;
@@ -645,38 +649,28 @@
 
 	TRACE2(("enter buf_compress"))
 
-	while (1) {
-
-		ses.keys->trans.zstream->avail_in = endpos - src->pos;
-		ses.keys->trans.zstream->next_in = 
-			buf_getptr(src, ses.keys->trans.zstream->avail_in);
+	dropbear_assert(dest->size - dest->pos >= len+ZLIB_COMPRESS_EXPANSION);
 
-		ses.keys->trans.zstream->avail_out = dest->size - dest->pos;
-		ses.keys->trans.zstream->next_out =
-			buf_getwriteptr(dest, ses.keys->trans.zstream->avail_out);
+	ses.keys->trans.zstream->avail_in = endpos - src->pos;
+	ses.keys->trans.zstream->next_in = 
+		buf_getptr(src, ses.keys->trans.zstream->avail_in);
 
-		result = deflate(ses.keys->trans.zstream, Z_SYNC_FLUSH);
-
-		buf_setpos(src, endpos - ses.keys->trans.zstream->avail_in);
-		buf_setlen(dest, dest->size - ses.keys->trans.zstream->avail_out);
-		buf_setpos(dest, dest->len);
+	ses.keys->trans.zstream->avail_out = dest->size - dest->pos;
+	ses.keys->trans.zstream->next_out =
+		buf_getwriteptr(dest, ses.keys->trans.zstream->avail_out);
 
-		if (result != Z_OK) {
-			dropbear_exit("zlib error");
-		}
+	result = deflate(ses.keys->trans.zstream, Z_SYNC_FLUSH);
 
-		if (ses.keys->trans.zstream->avail_in == 0) {
-			break;
-		}
+	buf_setpos(src, endpos - ses.keys->trans.zstream->avail_in);
+	buf_setlen(dest, dest->size - ses.keys->trans.zstream->avail_out);
+	buf_setpos(dest, dest->len);
 
-		dropbear_assert(ses.keys->trans.zstream->avail_out == 0);
+	if (result != Z_OK) {
+		dropbear_exit("zlib error");
+	}
 
-		/* the buffer has been filled, we must extend. This only happens in
-		 * unusual circumstances where the data grows in size after deflate(),
-		 * but it is possible */
-		buf_resize(dest, dest->size + ZLIB_COMPRESS_EXPANSION);
-
-	}
+	/* fails if destination buffer wasn't large enough */
+	dropbear_assert(ses.keys->trans.zstream->avail_in == 0);
 	TRACE2(("leave buf_compress"))
 }
 #endif