Loading libs/binder/BufferedTextOutput.cpp +4 −1 Original line number Diff line number Diff line Loading @@ -49,9 +49,12 @@ struct BufferedTextOutput::BufferState : public RefBase status_t append(const char* txt, size_t len) { if ((len+bufferPos) > bufferSize) { void* b = realloc(buffer, ((len+bufferPos)*3)/2); size_t newSize = ((len+bufferPos)*3)/2; if (newSize < (len+bufferPos)) return NO_MEMORY; // overflow void* b = realloc(buffer, newSize); if (!b) return NO_MEMORY; buffer = (char*)b; bufferSize = newSize; } memcpy(buffer+bufferPos, txt, len); bufferPos += len; Loading libs/binder/Parcel.cpp +3 −1 Original line number Diff line number Diff line Loading @@ -484,7 +484,8 @@ status_t Parcel::appendFrom(const Parcel *parcel, size_t offset, size_t len) if (numObjects > 0) { // grow objects if (mObjectsCapacity < mObjectsSize + numObjects) { int newSize = ((mObjectsSize + numObjects)*3)/2; size_t newSize = ((mObjectsSize + numObjects)*3)/2; if (newSize < mObjectsSize) return NO_MEMORY; // overflow binder_size_t *objects = (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t)); if (objects == (binder_size_t*)0) { Loading Loading @@ -1038,6 +1039,7 @@ restart_write: } if (!enoughObjects) { size_t newSize = ((mObjectsSize+2)*3)/2; if (newSize < mObjectsSize) return NO_MEMORY; // overflow binder_size_t* objects = (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t)); if (objects == NULL) return NO_MEMORY; mObjects = objects; Loading Loading
libs/binder/BufferedTextOutput.cpp +4 −1 Original line number Diff line number Diff line Loading @@ -49,9 +49,12 @@ struct BufferedTextOutput::BufferState : public RefBase status_t append(const char* txt, size_t len) { if ((len+bufferPos) > bufferSize) { void* b = realloc(buffer, ((len+bufferPos)*3)/2); size_t newSize = ((len+bufferPos)*3)/2; if (newSize < (len+bufferPos)) return NO_MEMORY; // overflow void* b = realloc(buffer, newSize); if (!b) return NO_MEMORY; buffer = (char*)b; bufferSize = newSize; } memcpy(buffer+bufferPos, txt, len); bufferPos += len; Loading
libs/binder/Parcel.cpp +3 −1 Original line number Diff line number Diff line Loading @@ -484,7 +484,8 @@ status_t Parcel::appendFrom(const Parcel *parcel, size_t offset, size_t len) if (numObjects > 0) { // grow objects if (mObjectsCapacity < mObjectsSize + numObjects) { int newSize = ((mObjectsSize + numObjects)*3)/2; size_t newSize = ((mObjectsSize + numObjects)*3)/2; if (newSize < mObjectsSize) return NO_MEMORY; // overflow binder_size_t *objects = (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t)); if (objects == (binder_size_t*)0) { Loading Loading @@ -1038,6 +1039,7 @@ restart_write: } if (!enoughObjects) { size_t newSize = ((mObjectsSize+2)*3)/2; if (newSize < mObjectsSize) return NO_MEMORY; // overflow binder_size_t* objects = (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t)); if (objects == NULL) return NO_MEMORY; mObjects = objects; Loading
