From: Rusty Russell Date: Mon, 29 Jun 2009 02:17:20 +0000 (+0930) Subject: Fix theoretical problem with 0-length records. X-Git-Url: https://git.ozlabs.org/?a=commitdiff_plain;h=195b605e88209772a4b2bc2e0ef32e610e62feb7;hp=6d35d746f123291ba93a592997dcd5b6fe7828cf;p=ccan Fix theoretical problem with 0-length records. By faking them out to length 1, we might go oob. Just fake the malloc.
---
diff --git a/ccan/tdb/io.c b/ccan/tdb/io.c
index c25f1cb4..d8140fea 100644
--- a/ccan/tdb/io.c
+++ b/ccan/tdb/io.c
@@ -383,11 +383,7 @@ unsigned char *tdb_alloc_read(struct tdb_context *tdb, tdb_off_t offset, tdb_len
 unsigned char *buf;
 
 /* some systems don't like zero length malloc */
- if (len == 0) {
- len = 1;
- }
-
- if (!(buf = (unsigned char *)malloc(len))) {
+ if (!(buf = (unsigned char *)malloc(len ? len : 1))) {
 /* Ensure ecode is set for log fn. */
 tdb->ecode = TDB_ERR_OOM;
 TDB_LOG((tdb, TDB_DEBUG_ERROR,"tdb_alloc_read malloc failed len=%d (%s)\n",
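Review bot: The comment kept above the malloc in tdb_alloc_read still only says that some systems dislike a zero-length malloc. It no longer records the invariant this commit introduces, that `len` itself must stay 0 so that later uses of it cannot go out of bounds, as the commit message puts it. I would extend it to something like `/* some systems don't like zero length malloc: pad the allocation only, len must stay 0 so nothing beyond the record is touched */`, so a later cleanup does not fold the `len ? len : 1` back into an assignment to `len`. The rest of the function is outside the hunk, so this assumes `len` is reused there as the read length. For a zero-length record the returned one-byte buffer is presumably never filled, so it is also worth stating that callers must go by the record length and not by the buffer contents.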