Fix truncation problem when reading in long lines. Found by Koen Kooi.

After realloc()ing a second time for long lines, buflen was one byte short.
It did not take into account buf being pointed at the NULL terminator, before
the end of the buffer. So when fgets() was next called, it inserted its NULL
terminator one byte earlier than expected. The earlier terminator was not
overwritten by subsequent iterations as it should have been.

git-svn-id: http://opkg.googlecode.com/svn/trunk@438 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358

diff --git a/libopkg/pkg_parse.c b/libopkg/pkg_parse.c
index d01dff51dcd192d95dc5def0ca5c4aa32599279b..e0de41f9c55ece8438099eaee6fd60905c29f361 100644 (file)
--- a/libopkg/pkg_parse.c
+++ b/libopkg/pkg_parse.c
@@ -351,16 +351,17 @@ pkg_parse_from_stream_nomalloc(pkg_t *pkg, FILE *fp, uint mask,
                        }
 
                        /*
                        }
 
                        /*

-                        * Realloc and move buf past the data already read.
+                        * Realloc and point buf past the data already read,
+                        * at the NULL terminator inserted by fgets.

                         * |<--------------- buf0len ----------------->|
                         * |                     |<------- buflen ---->|
                         * |---------------------|---------------------|
                         * buf0                   buf
                         */
                         * |<--------------- buf0len ----------------->|
                         * |                     |<------- buflen ---->|
                         * |---------------------|---------------------|
                         * buf0                   buf
                         */

-                       buflen = buf0len;
+                       buflen = buf0len +1;

                        buf0len *= 2;
                        *buf0 = xrealloc(*buf0, buf0len);
                        buf0len *= 2;
                        *buf0 = xrealloc(*buf0, buf0len);

-                       buf = *buf0 + buflen -1;
+                       buf = *buf0 + buflen -2;

 
                        continue;
                }
 
                        continue;
                }