1 --- openssh-3.2.3p1/buffer.c 26 Jun 2002 08:54:18 -0000 1.16
2 +++ openssh-3.2.3p1/buffer.c 16 Sep 2003 21:02:39 -0000 1.18
5 buffer_init(Buffer *buffer)
7 - buffer->alloc = 4096;
8 - buffer->buf = xmalloc(buffer->alloc);
9 + const u_int len = 4096;
12 + buffer->buf = xmalloc(len);
13 + buffer->alloc = len;
19 buffer_free(Buffer *buffer)
21 - memset(buffer->buf, 0, buffer->alloc);
23 + if (buffer->alloc > 0) {
24 + memset(buffer->buf, 0, buffer->alloc);
32 buffer_append_space(Buffer *buffer, u_int len)
41 /* Increase the size of the buffer and retry. */
42 - buffer->alloc += len + 32768;
43 - buffer->buf = xrealloc(buffer->buf, buffer->alloc);
45 + newlen = buffer->alloc + len + 32768;
46 + if (newlen > 0xa00000)
47 + fatal("buffer_append_space: alloc %u not supported",
49 + buffer->buf = xrealloc(buffer->buf, newlen);
50 + buffer->alloc = newlen;
54 --- openssh-3.2.3p1/channels.c 29 Aug 2003 10:04:36 -0000 1.194
55 +++ openssh-3.2.3p1/channels.c 16 Sep 2003 21:02:40 -0000 1.195
58 /* There are no free slots. Take last+1 slot and expand the array. */
59 found = channels_alloc;
60 + if (channels_alloc > 10000)
61 + fatal("channel_new: internal error: channels_alloc %d "
62 + "too big.", channels_alloc);
63 + channels = xrealloc(channels,
64 + (channels_alloc + 10) * sizeof(Channel *));
66 debug2("channel: expanding %d", channels_alloc);
67 - channels = xrealloc(channels, channels_alloc * sizeof(Channel *));
68 for (i = found; i < channels_alloc; i++)