From: Nick Mathewson <nickm@torproject.org>
Date: Sat, 3 Apr 2004 02:55:42 +0000 (+0000)
Subject: Loops work better when they terminate.  Non-terminating loops are easier
X-Git-Tag: tor-0.0.6incompat-merged~184
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7451de5d9735e95be04d9e5613ae1118236e7668;p=thirdparty%2Ftor.git

Loops work better when they terminate.  Non-terminating loops are easier
to diagnose when they don't trash the stack.


svn:r1460
---

diff --git a/src/common/util.c b/src/common/util.c
index 0b6c8d2c73..7a9301efb0 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -113,7 +113,8 @@ void hex_encode(const char *from, int fromlen, char *to)
 {
   const unsigned char *fp = from;
   static const char TABLE[] = "0123456789abcdef";
-  while (fromlen) {
+  assert(from && fromlen>=0 && to);
+  while (fromlen--) {
     *to++ = TABLE[*fp >> 4];
     *to++ = TABLE[*fp & 7];
     ++fp;
@@ -219,11 +220,13 @@ void *smartlist_choose(smartlist_t *sl) {
 
 void *smartlist_get(smartlist_t *sl, int idx)
 {
+  assert(sl && idx>=0 && idx < sl->num_used);
   return sl->list[idx];
 }
 void *smartlist_set(smartlist_t *sl, int idx, void *val)
 {
   void *old;
+  assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = val;
   return old;
@@ -231,6 +234,7 @@ void *smartlist_set(smartlist_t *sl, int idx, void *val)
 void *smartlist_del(smartlist_t *sl, int idx)
 {
   void *old;
+  assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = sl->list[--sl->num_used];
   return old;