
[bug-gnulib] Re: iconv made easy


From: Simon Josefsson
Subject: [bug-gnulib] Re: iconv made easy
Date: Thu, 16 Dec 2004 02:31:21 +0100
User-agent: Gnus/5.110003 (No Gnus v0.3) Emacs/21.3.50 (gnu/linux)

Paul Eggert <address@hidden> writes:

> Simon Josefsson <address@hidden> writes:
>
>> +        outbuf_size *= 2;
>> +        ;
>> +        if (newdest == NULL)
>
> My only quick thought is that this should be:
>
>    outbuf_size *= 2;
>    if (! (outbuf_size
>           && (newdest = realloc (dest, outbuf_size))))
>
> so that you fail instead of looping when there's a size overflow.

That's still not right, is it?  If outbuf_size * 2 is smaller than
outbuf_size, without being 0, it seems the logic of the rest of the
code fails, and I'm not really sure what happens, but it looks bad.
How about the following?

Thanks.

--- iconvme.c   15 Dec 2004 01:23:13 +0100      1.5
+++ iconvme.c   16 Dec 2004 02:28:34 +0100      
@@ -101,16 +101,17 @@
        case E2BIG:
          {
            size_t used = outp - dest;
+           size_t newsize = outbuf_size * 2;
            char *newdest;
 
-           outbuf_size *= 2;
-           newdest = realloc (dest, outbuf_size);
-           if (newdest == NULL)
+           if (newsize <= outbuf_size ||
+               !(newdest = realloc (dest, newsize)))
              {
                have_error = 1;
                goto out;
              }
            dest = newdest;
+           outbuf_size = newsize;
 
            outp = dest + used;
            outbytes_remaining = outbuf_size - used - 1;        /* -1 for NUL */
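
Review bot: in the new `if`, when `newsize <= outbuf_size` is true, realloc is never called, so errno still holds the E2BIG that selected this case when control reaches `out`. If the `out` path or the caller reports errno, set `errno = ENOMEM` in that branch so that a size overflow and a failed allocation look the same to the caller. The `<=` test itself is sound for size_t: unsigned doubling wraps, so it catches both the wrapped result and an `outbuf_size` of 0, and a one-line comment saying so would help the next reader. As a style point, GNU formatting breaks before the operator, so the `||` belongs at the start of the second line of the condition rather than at the end of the first.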




