Fix buffer overflow on interupted read

The tio_read() function will read past its buffer and return garbadge to the calling function if the call to read() was interrupted by a signal. The likelyhood of read() being interupted is low because previously a call to poll() has determined that data is available to be read. Thanks to John Sullivan for pointing this out. See: https://bugzilla.redhat.com/show_bug.cgi?id=1003011
author: Arthur de Jong <arthur@arthurdejong.org> 2013-08-31 22:27:51 +0200
committer: Arthur de Jong <arthur@arthurdejong.org> 2013-08-31 22:46:26 +0200
commit: 07a8170330cd289ee9cba0ce5d579d2695e64b8f (patch)
tree: b1af23a56c91238069ef76263997757f330ace4f /common
parent: 4897033a912d513be82268b20fe73190684960fe (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/common/tio.c b/common/tio.c
index 3b81a55..f28ac91 100644
--- a/common/tio.c
+++ b/common/tio.c
@@ -277,8 +277,8 @@ int tio_read(TFILE *fp, void *buf, size_t count)
     }
     else if ((rv < 0) && (errno != EINTR) && (errno != EAGAIN))
       return -1;        /* something went wrong with the read */
-    /* skip the read part in the buffer */
-    fp->readbuffer.len = rv;
+    else if (rv > 0)
+      fp->readbuffer.len = rv;  /* skip the read part in the buffer */
 #ifdef DEBUG_TIO_STATS
     fp->bytesread += rv;
 #endif /* DEBUG_TIO_STATS */
author	Arthur de Jong <arthur@arthurdejong.org>	2013-08-31 22:27:51 +0200
committer	Arthur de Jong <arthur@arthurdejong.org>	2013-08-31 22:46:26 +0200
commit	07a8170330cd289ee9cba0ce5d579d2695e64b8f (patch)
tree	b1af23a56c91238069ef76263997757f330ace4f /common
parent	4897033a912d513be82268b20fe73190684960fe (diff)