hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed memory allocation issue when the repalcement text is considerably

Browse Source 
longer than the match text.
This commit is contained in:
Mark Riddoch
2014-06-05 17:08:44 +01:00
parent c1c188cf4f
commit 656c54af0a
1 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
server/modules/filter/regexfilter.c
View File

@ -313,39 +313,41 @@ regmatch_t match[10];
{ {
if (match[i].rm_so != -1) if (match[i].rm_so != -1)
{ {
if (res_length + match[i].rm_so > res_size)
{
result = (char *)realloc(result, res_size + length);
res_size += length;
}
ptr = &result[res_length]; ptr = &result[res_length];
if (last_match < match[i].rm_so) if (last_match < match[i].rm_so)
{ {
int to_copy = match[i].rm_so - last_match; int to_copy = match[i].rm_so - last_match;
if (last_match + to_copy > res_size)
{
res_size = last_match + to_copy + length;
result = (char *)realloc(result, res_size);
}
memcpy(ptr, &sql[last_match], to_copy); memcpy(ptr, &sql[last_match], to_copy);
res_length += to_copy; res_length += to_copy;
} }
last_match = match[i].rm_eo; last_match = match[i].rm_eo;
if (res_length + match[i].rm_so > res_size) if (res_length + rep_length > res_size)
{ {
result = (char *)realloc(result, res_size + rep_length); res_size += rep_length;
res_size += length; result = (char *)realloc(result, res_size);
} }
ptr = &result[res_length]; ptr = &result[res_length];
memcpy(ptr, replace, rep_length); memcpy(ptr, replace, rep_length);
res_length += rep_length; res_length += rep_length;
} }
} }
if (res_length + length - last_match + 1 > res_size)
{
result = (char *)realloc(result, res_size + length);
res_size += length;
}
if (last_match < length) if (last_match < length)
{ {
int to_copy = length - last_match;
if (last_match + to_copy > res_size)
{
res_size = last_match + to_copy + 1;
result = (char *)realloc(result, res_size);
}
ptr = &result[res_length]; ptr = &result[res_length];
memcpy(ptr, &sql[last_match], length - last_match); memcpy(ptr, &sql[last_match], to_copy);
res_length += length - last_match; res_length += to_copy;
} }
result[res_length] = 0; result[res_length] = 0;