When working with a problem Stefan Becker had, I found an off-by-one buffer

overwrite in Curl_select(). While fixing it, I also improved its performance somewhat by changing calloc to malloc and breaking out of a loop earlier (when possible).
author: Daniel Stenberg <daniel@haxx.se> 2007-05-26 22:09:08 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2007-05-26 22:09:08 +0000
commit: b9a6dfab03abe9950182e0b99d3394713ed19147 (patch)
tree: 16c3e0ee22d43267a6cdd742ab2a7de45a6a3344
parent: 8bd7197a8fb6d4a49df7efa25361c95ebdfc1d9c (diff)
2 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index dc717ec3e..17500c970 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
                              \___|\___/|_| \_\_____|
 
                                   Changelog
+Daniel S (27 May 2007)
+- When working with a problem Stefan Becker had, I found an off-by-one buffer
+  overwrite in Curl_select(). While fixing it, I also improved its performance
+  somewhat by changing calloc to malloc and breaking out of a loop earlier
+  (when possible).
+
 Daniel S (25 May 2007)
 - Rob Crittenden fixed bug #1705802
   (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index fcd2ba95d..e6c1540b0 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -48,6 +48,7 @@ This release includes the following bugfixes:
  o memory leak when failed OpenSSL certificate CN field checking
  o memory leak when OpenSSL failed PKCS #12 parsing
  o FPL-SSL when built with NSS
+ o out-of-boundary write in Curl_select()
 
 This release includes the following known bugs:
author	Daniel Stenberg <daniel@haxx.se>	2007-05-26 22:09:08 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2007-05-26 22:09:08 +0000
commit	b9a6dfab03abe9950182e0b99d3394713ed19147 (patch)
tree	16c3e0ee22d43267a6cdd742ab2a7de45a6a3344
parent	8bd7197a8fb6d4a49df7efa25361c95ebdfc1d9c (diff)