The "count_" out-parameter is doubled instead of unchanged.

Static analysis says:
src\zmq.cpp(489): error V220: Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize. The value being casted: '* count_'.
src\zmq.cpp(510): error V127: An overflow of the 32-bit 'nread' variable is possible inside a long cycle which utilizes a memsize-type loop counter.

I've silenced the warning on line 489 and ignored the other.
But also, it looks to me like there's a serious bug here: The
out-parameter "count_" is never set to zero before we start
incrementing it. So its final value will always be between
1 and 2 times its initial value. The fix seems obvious.
Arthur O'Dwyer 2012-08-24 16:30:42 -07:00
parent d588dbf27c
commit a48751b34b

@ -486,10 +486,12 @@ int zmq_recviov (void *s_, iovec *a_, size_t *count_, int flags_)
}
zmq::socket_base_t *s = (zmq::socket_base_t *) s_;
size_t count = (int) *count_;
size_t count = *count_;
int nread = 0;
bool recvmore = true;
*count_ = 0;
for (size_t i = 0; recvmore && i < count; ++i) {
// Cheat! We never close any msg
// because we want to steal the buffer.
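
Review bot: "int nread = 0;" stays a 32-bit int even though the V127 warning quoted in the commit message says it can overflow inside this loop, and with the "(int)" cast removed the loop bound "count" is now the caller's full size_t value instead of a truncated one. Since the function itself returns int, consider checking before each addition that nread cannot pass INT_MAX and failing cleanly when it would, rather than leaving the warning ignored. A short comment at "*count_ = 0;" saying that count_ is read as the loop limit on entry and rewritten as a running count on return would also document the in/out contract that the old code got wrong.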