From b399fc2b3c5c2cf5f0d36d98c372f353a8186d15 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith
Date: Wed, 7 Sep 2022 13:37:34 -0700
Subject: IceFlush: signal fatal I/O error if bufptr is past end of buffer

It should never happen, but has been possible in the past when we didn't handle buffer checks properly - this would help us catch it if a similar mistake ever happens again (or the wrong memory pointer gets corrupted by something else).

Signed-off-by: Alan Coopersmith
---
 src/misc.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/misc.c b/src/misc.c
index 0e15adc..d23b1df 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -119,6 +119,16 @@ IceFlush (
 IceConn iceConn
 )
 {
+ /*
+ * Should be impossible, unless we messed up our buffer math somewhere,
+ * or one of our pointers has been corrupted.
+ */
+ if (_X_UNLIKELY(iceConn->outbufptr > iceConn->outbufmax))
+ {
+ IceFatalIOError (iceConn);
+ return 0;
+ }
+
 _IceWrite (iceConn,
 (unsigned long) (iceConn->outbufptr - iceConn->outbuf),
 iceConn->outbuf);
-- cgit v1.2.3
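Review bot: The new guard in IceFlush rejects only `outbufptr > outbufmax`, so a pointer that has ended up below `iceConn->outbuf` still reaches the `_IceWrite` call. There `(unsigned long) (iceConn->outbufptr - iceConn->outbuf)` turns the negative difference into a very large write length. Since the added comment names pointer corruption as a case to catch, the condition could bound both ends: `if (_X_UNLIKELY(iceConn->outbufptr < iceConn->outbuf || iceConn->outbufptr > iceConn->outbufmax))`. The comment could also say what `return 0` tells the caller after `IceFatalIOError`, because the hunk does not show whether the connection is still usable at that point. The body of IceFlush continues past the end of the hunk.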