Skip to content
This repository was archived by the owner on Nov 27, 2024. It is now read-only.

Commit d478a6f

Browse files
charlesUnixProcharlesUnixPro
committed
Fix telnet->q allocator to function as documented.
1 parent 278f59b commit d478a6f

File tree

1 file changed

+26
-15
lines changed

1 file changed

+26
-15
lines changed

libtelnet.c

Lines changed: 26 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,9 @@ struct telnet_t {
103103
/* current subnegotiation telopt */
104104
unsigned char sb_telopt;
105105
/* length of RFC1143 queue */
106-
unsigned char q_size;
106+
unsigned int q_size;
107+
/* number of entries in RFC1143 queue */
108+
unsigned int q_cnt;
107109
};
108110

109111
/* RFC1143 option negotiation state */
@@ -262,7 +264,7 @@ static INLINE int _check_telopt(telnet_t *telnet, unsigned char telopt,
262264
if (telnet->telopts == 0)
263265
return 0;
264266

265-
/* loop unti found or end marker (us and him both 0) */
267+
/* loop until found or end marker (us and him both 0) */
266268
for (i = 0; telnet->telopts[i].telopt != -1; ++i) {
267269
if (telnet->telopts[i].telopt == telopt) {
268270
if (us && telnet->telopts[i].us == TELNET_WILL)
@@ -285,7 +287,7 @@ static INLINE telnet_rfc1143_t _get_rfc1143(telnet_t *telnet,
285287
int i;
286288

287289
/* search for entry */
288-
for (i = 0; i != telnet->q_size; ++i) {
290+
for (i = 0; i != telnet->q_cnt; ++i) {
289291
if (telnet->q[i].telopt == telopt) {
290292
return telnet->q[i];
291293
}
@@ -304,7 +306,7 @@ static INLINE void _set_rfc1143(telnet_t *telnet, unsigned char telopt,
304306
int i;
305307

306308
/* search for entry */
307-
for (i = 0; i != telnet->q_size; ++i) {
309+
for (i = 0; i != telnet->q_cnt; ++i) {
308310
if (telnet->q[i].telopt == telopt) {
309311
telnet->q[i].state = Q_MAKE(us,him);
310312
if (telopt != TELNET_TELOPT_BINARY)
@@ -325,17 +327,25 @@ static INLINE void _set_rfc1143(telnet_t *telnet, unsigned char telopt,
325327
* to the number of enabled options for most simple code, and it
326328
* allows for an acceptable number of reallocations for complex code.
327329
*/
328-
if ((qtmp = (telnet_rfc1143_t *)realloc(telnet->q,
329-
sizeof(telnet_rfc1143_t) * (telnet->q_size + 4))) == 0) {
330-
_error(telnet, __LINE__, __func__, TELNET_ENOMEM, 0,
331-
"realloc() failed: %s", strerror(errno));
332-
return;
330+
331+
#define QUANTUM 4
332+
/* Did we reach the end of the table? */
333+
if (i >= telnet->q_size) {
334+
/* Expand the size */
335+
if ((qtmp = (telnet_rfc1143_t *)realloc(telnet->q,
336+
sizeof(telnet_rfc1143_t) * (telnet->q_size + QUANTUM))) == 0) {
337+
_error(telnet, __LINE__, __func__, TELNET_ENOMEM, 0,
338+
"realloc() failed: %s", strerror(errno));
339+
return;
340+
}
341+
memset(&qtmp[telnet->q_size], 0, sizeof(telnet_rfc1143_t) * QUANTUM);
342+
telnet->q = qtmp;
343+
telnet->q_size += QUANTUM;
333344
}
334-
memset(&qtmp[telnet->q_size], 0, sizeof(telnet_rfc1143_t) * 4);
335-
telnet->q = qtmp;
336-
telnet->q[telnet->q_size].telopt = telopt;
337-
telnet->q[telnet->q_size].state = Q_MAKE(us, him);
338-
telnet->q_size += 4;
345+
/* Add entry to end of table */
346+
telnet->q[telnet->q_cnt].telopt = telopt;
347+
telnet->q[telnet->q_cnt].state = Q_MAKE(us, him);
348+
telnet->q_cnt ++;
339349
}
340350

341351
/* send negotiation bytes */
@@ -909,8 +919,9 @@ void telnet_free(telnet_t *telnet) {
909919
/* free RFC1143 queue */
910920
if (telnet->q) {
911921
free(telnet->q);
912-
telnet->q = 0;
922+
telnet->q = NULL;
913923
telnet->q_size = 0;
924+
telnet->q_cnt = 0;
914925
}
915926

916927
/* free the telnet structure itself */

0 commit comments

Comments
 (0)