svf: off-by-one error; do not access after the allocated memory

Keep the promise and ensure there're at least 3 bytes available after
the current position.

This eliminates the errors reported by Valgrind.

Change-Id: I1d0640e904c750eed808b2b4caf419b4d7619845
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Reviewed-on: http://openocd.zylin.com/1615
Tested-by: jenkins
Reviewed-by: Peter Stuge <peter@stuge.se>

diff --git a/src/svf/svf.c b/src/svf/svf.c
index 69f75ac79a7a0ed1d784949de3d24f04aaaba75b..3e7bfbf208eec69f41381badca95dbf4116b7a76 100644 (file)
--- a/src/svf/svf.c
+++ b/src/svf/svf.c
@@ -642,8 +642,9 @@ static int svf_read_command_from_file(FILE *fd)
                                 *  - added space.
                                 *  - terminating NUL ('\0')
                                 */
                                 *  - added space.
                                 *  - terminating NUL ('\0')
                                 */

-                               if ((cmd_pos + 2) >= svf_command_buffer_size) {
-                                       svf_command_buffer = realloc(svf_command_buffer, (cmd_pos + 2));
+                               if (cmd_pos + 3 > svf_command_buffer_size) {
+                                       svf_command_buffer = realloc(svf_command_buffer, cmd_pos + 3);
+                                       svf_command_buffer_size = cmd_pos + 3;

                                        if (svf_command_buffer == NULL) {
                                                LOG_ERROR("not enough memory");
                                                return ERROR_FAIL;
                                        if (svf_command_buffer == NULL) {
                                                LOG_ERROR("not enough memory");
                                                return ERROR_FAIL;