Dear Friends,
It seems we may have the same division by zero issue on fread():
This is the original code:
size_t fread(void *restrict destv, size_t size, size_t nmemb, FILE *restrict f)
{
unsigned char *dest = destv;
size_t len = size*nmemb, l = len, k;
if (!size) nmemb = 0;
FLOCK(f);
f->mode |= f->mode-1;
if (f->rend - f->rpos > 0) {
/* First exhaust the buffer. */
k = MIN(f->rend - f->rpos, l);
memcpy(dest, f->rpos, k);
f->rpos += k;
dest += k;
l -= k;
}
/* Read the remainder directly */
for (; l; l-=k, dest+=k) {
k = __toread(f) ? 0 : f->read(f, dest, l);
if (k+1<=1) {
FUNLOCK(f);
return (len-l)/size;
}
}
FUNLOCK(f);
return nmemb;
}
It seems we need to check the variable size on return because if size is zero
We'll have a division by zero and a segmentation fault
I'm sending the attached patch that changes the return as follows:
return (len-l)/(size != 0 ? size : 1);
I don't know if this is the correct approach, so, feel free to
change/let me know how to fix :)
Hope it helps
Kind Regards,
Geraldo Netto
Sapere Aude => Non dvcor, dvco
http://exdev.sf.net/