aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Saleem Abdulrasool <compnerd@compnerd.org> 2016-01-22 09:54:02 -0800
committerAvatar Saleem Abdulrasool <compnerd@compnerd.org> 2016-01-22 09:54:02 -0800
commitb1ec345ff80b9f77ff385ed6b7edc0b5940aa2fb (patch)
tree775be41caa70a28a8359f3da2dd6c3ae7b4ad4fb
parent6cc7eb47142dcad1cf277ccf31c38fc53746e45e (diff)
downloadpaludis-b1ec345ff80b9f77ff385ed6b7edc0b5940aa2fb.tar.gz
paludis-b1ec345ff80b9f77ff385ed6b7edc0b5940aa2fb.tar.xz
util: use `resize` instead of `reserve`
Although `reserve` should be sufficient, it is technically incorrect as per the spec. The result of `data` is only valid for the range [data(), data() + size()]. However, given that a `resize` will not adjust the size of the vector, the valid range for the data pointer will be the previous capacity, potentially resulting in a heap corruption. Thanks to Freundlich for pointing this out.
-rw-r--r--paludis/util/persona.cc12
1 files changed, 6 insertions, 6 deletions
diff --git a/paludis/util/persona.cc b/paludis/util/persona.cc
index 817ea96..3964356 100644
--- a/paludis/util/persona.cc
+++ b/paludis/util/persona.cc
@@ -75,10 +75,10 @@ namespace paludis
length =
initial_buffer_size<_SC_GETPW_R_SIZE_MAX>("accounts.getpw_r_size");
- for (buffer.reserve(length);
+ for (buffer.resize(length);
(rv = ::getpwnam_r(name, &pwd, buffer.data(), buffer.capacity(),
&result)) == ERANGE;
- buffer.reserve(length))
+ buffer.resize(length))
length = length * 2;
return rv;
@@ -95,10 +95,10 @@ namespace paludis
length =
initial_buffer_size<_SC_GETGR_R_SIZE_MAX>("accounts.getgr_r_size");
- for (buffer.reserve(length);
+ for (buffer.resize(length);
(rv = ::getgrgid_r(gid, &grp, buffer.data(), buffer.capacity(),
&result)) == ERANGE;
- buffer.reserve(length))
+ buffer.resize(length))
length = length * 2;
return rv;
@@ -115,10 +115,10 @@ namespace paludis
length =
initial_buffer_size<_SC_GETPW_R_SIZE_MAX>("accounts.getpw_r_size");
- for (buffer.reserve(length);
+ for (buffer.resize(length);
(rv = ::getpwuid_r(uid, &pwd, buffer.data(), buffer.capacity(),
&result)) == ERANGE;
- buffer.reserve(length))
+ buffer.resize(length))
length = length * 2;
return rv;