Ensure socket TX buf size is separate from RX size

After performing XID parameter negotiation, do not simply use the negotiated TX buffer size when allocating the RX buffer; this resolves an issue wherein read()s into the RX buffer (allocated with a size equal to the TX buffer, which may be smaller) would cause memory errors
2020-07-26 01:55:21 -04:00 · 2020-07-26 01:55:21 -04:00 · 3ef0da27b5
commit 3ef0da27b5
parent 1ba57a8df2
1 changed files with 8 additions and 4 deletions
--- a/src/sock.c
+++ b/src/sock.c
@ -54,10 +54,14 @@ error_open:
    return -1;
 }

-static inline size_t bufsz(patty_ax25_sock *sock) {
+static inline size_t tx_bufsz(patty_ax25_sock *sock) {
    return PATTY_AX25_FRAME_OVERHEAD + sock->n_maxlen_tx;
 }

+static inline size_t rx_bufsz(patty_ax25_sock *sock) {
+    return PATTY_AX25_FRAME_OVERHEAD + sock->n_maxlen_rx;
+}
+
 static inline size_t tx_slot_size(patty_ax25_sock *sock) {
    return sizeof(size_t) + PATTY_AX25_FRAME_OVERHEAD + sock->n_maxlen_tx;
 }
@ -74,11 +78,11 @@ static inline void *tx_slot(patty_ax25_sock *sock, size_t seq) {
 }

 static int init_bufs(patty_ax25_sock *sock) {
-    if ((sock->tx_buf = realloc(sock->tx_buf, bufsz(sock))) == NULL) {
+    if ((sock->tx_buf = realloc(sock->tx_buf, tx_bufsz(sock))) == NULL) {
        goto error_realloc_tx_buf;
    }

-    if ((sock->rx_buf = realloc(sock->rx_buf, bufsz(sock))) == NULL) {
+    if ((sock->rx_buf = realloc(sock->rx_buf, rx_bufsz(sock))) == NULL) {
        goto error_realloc_rx_buf;
    }

@ -398,7 +402,7 @@ ssize_t patty_ax25_sock_send(patty_ax25_sock *sock,
        goto error_toobig;
    }

-    if ((encoded = encode_address(sock, cr, buf, bufsz(sock))) < 0) {
+    if ((encoded = encode_address(sock, cr, buf, tx_bufsz(sock))) < 0) {
        goto error_encode_address;
    } else {
        offset += encoded;