argument that has side effects. On platforms where SWAP16 can
evaluate its argument twice (including platforms where utf8_conv.c
creates a fallback definition for the SWAP16 macro), this can cause a
read overrun by a factor of two.
Rearrange the data flow to avoid calling SWAP16 with an argument that
has side effects.
ticket: 6486
tags: pullup
target_version: 1.7
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22348
dc483132-0cff-0310-8789-
dd5450dbe970
{
while (ucs2len == -1 ? *ucs2str : --ucs2len >= 0) {
/* Get UTF-8 size of next wide char */
+ ch = *ucs2str++;
#ifdef K5_BE
if (little_endian)
- ch = SWAP16(*ucs2str++);
- else
+ ch = SWAP16(ch);
#endif
- ch = *ucs2str++;
n = krb5int_ucs2_to_utf8(ch, NULL);
if (n < 1)
n = 1; /* In case of empty ucs2str */
while (ucs2len == -1 ? *ucs2str != 0 : --ucs2len >= 0) {
+ ch = *ucs2str++;
#ifdef K5_BE
if (little_endian)
- ch = SWAP16(*ucs2str++);
- else
+ ch = SWAP16(ch);
#endif
- ch = *ucs2str++;
n = krb5int_ucs2_to_utf8(ch, p);