Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14708,
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14735,
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14725,
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14720,
and probably others.
} else {
char *n;
+ const size_t new_size = v->output_buffer_size + r + 1;
- n = new(char, v->output_buffer_size + r + 1);
+ n = new(char, new_size);
if (!n)
return -ENOMEM;
memcpy(mempcpy(n, v->output_buffer + v->output_buffer_index, v->output_buffer_size), text, r + 1);
free_and_replace(v->output_buffer, n);
- v->output_buffer_size += r + 1;
+ v->output_buffer_allocated = v->output_buffer_size = new_size;
v->output_buffer_index = 0;
}
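Review bot: The added `new_size = v->output_buffer_size + r + 1` carries no sign or overflow check; the type of `r` is not visible in the hunk, and if it is a signed length from an earlier formatting call that can be negative on error, the sum wraps to a huge `size_t` and the `memcpy(..., text, r + 1)` on the following line then writes well past `n`. If the caller already guarantees a non-negative `r`, an `assert(r >= 0);` immediately before the computation documents that contract; otherwise reject it explicitly, `if (r < 0) return -EINVAL;`. The new `v->output_buffer_allocated = v->output_buffer_size = new_size;` line also deserves a short why-comment, e.g. `/* n is exactly full: the whole allocation is live data starting at index 0 */`, because the other branch of this if/else, which lies outside the hunk, must keep `output_buffer_allocated` consistent with the same invariant. The enclosing function begins before the hunk.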
--- /dev/null
+ {"method":" "}\0 { "method": " "}\0 { "method": " "}\0 vvvvvvvv\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
\ No newline at end of file