Fix heap overflow from curl-originating buffers

Most of xs.h seems to expect that buffers are rounded up to block size, so we should preserve that invariant here. (In particular, xs_expand will avoid calling xs_realloc if the new size fits in the same block, which means that if we don't pad out the data it will expand out of the memory we're allocated.)
author: Saagar Jha <saagar@saagarjha.com> 2023-04-10 01:34:48 -0700
committer: Saagar Jha <saagar@saagarjha.com> 2023-04-10 01:34:48 -0700
commit: ea9c030249cb3db7a923c8e546df9897e0a39384 (patch)
tree: fa4bc80525da91bfe9da28704e21a4c9efe1c77d /xs_curl.h
parent: 632bbe475c2d948cdae4eaba3367b9e65c5ff141 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/xs_curl.h b/xs_curl.h
index e880a0d..ca90f92 100644
--- a/xs_curl.h
+++ b/xs_curl.h
@@ -55,7 +55,7 @@ static int _data_callback(void *buffer, size_t size,
 
     /* open space */
     pd->size += sz;
-    pd->data = xs_realloc(pd->data, pd->size + 1);
+    pd->data = xs_realloc(pd->data, _xs_blk_size(pd->size + 1));
 
     /* copy data */
     memcpy(pd->data + pd->offset, buffer, sz);
author	Saagar Jha <saagar@saagarjha.com>	2023-04-10 01:34:48 -0700
committer	Saagar Jha <saagar@saagarjha.com>	2023-04-10 01:34:48 -0700
commit	ea9c030249cb3db7a923c8e546df9897e0a39384 (patch)
tree	fa4bc80525da91bfe9da28704e21a4c9efe1c77d /xs_curl.h
parent	632bbe475c2d948cdae4eaba3367b9e65c5ff141 (diff)