From 443871a60b935dcd2ca643cf1fde189c9c6540ac Mon Sep 17 00:00:00 2001
From: Jeff Johnston
Date: Fri, 16 Mar 2007 21:16:09 +0000
Subject: 2007-03-16 Charles Wilson * libc/argz/argz_insert.c: "before" pointer is invalid after *argz realloc. Compute offset between "before" and *argz, and use it after reallocation instead.
---
 newlib/libc/argz/argz_insert.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
(limited to 'newlib/libc')
diff --git a/newlib/libc/argz/argz_insert.c b/newlib/libc/argz/argz_insert.c
index 8a9fb19..3ae6621 100644
--- a/newlib/libc/argz/argz_insert.c
+++ b/newlib/libc/argz/argz_insert.c
@@ -28,13 +28,16 @@ _DEFUN (argz_insert, (argz, argz_len, before, entry),
 while (before != *argz && before[-1])
 before--;
 
+ /* delta will always be non-negative, and < *argz_len */
+ ptrdiff_t delta = before - *argz;
+
 len = strlen(entry) + 1;
 
 if(!(*argz = (char *)realloc(*argz, *argz_len + len)))
 return ENOMEM;
 
- memmove(before + len, before, *argz + *argz_len - before);
- memcpy(before, entry, len);
+ memmove(*argz + delta + len, *argz + delta, *argz_len - delta);
+ memcpy(*argz + delta, entry, len);
 
 *argz_len += len;
 
-- 
cgit v1.1
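Review bot: The `realloc` result is still assigned directly to `*argz` in the context line after the new `delta` computation, so when allocation fails the caller's pointer is replaced with NULL, the old vector leaks, and `*argz_len` still describes a buffer the caller can no longer reach. Holding the result in a temporary keeps the vector intact on `ENOMEM`: `char *p = realloc(*argz, *argz_len + len);` `if (!p) return ENOMEM;` `*argz = p;`. The sum `*argz_len + len` (both declared outside the hunk) is also not checked for wrap-around before it reaches `realloc`, and a wrapped size would leave the following `memmove`/`memcpy` writing past a too-small block, so a guard before the call would be worth adding. `ptrdiff_t delta` is declared after statements and relies on `<stddef.h>` being included, which cannot be confirmed here because the function's opening lines and the file's includes lie outside the hunk.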