[erlang-bugs] Bug in ei_decode_fun
Paul Guyot
pguyot@REDACTED
Fri Oct 3 16:16:29 CEST 2008
Hello,
There is a bug in ei_decode_fun, decode_fun.c, line 106.
    n = n - (s - s0) + 1;
    if (p != NULL) {
        p->free_var_len = n;
        if (n > 0) {
            p->free_vars = malloc(n); /* FIXME check result */
            memcpy(p->free_vars, s, n);
        }
    }
    *index += s-s0;    <--- this is line 106
    return 0;
The buffer cursor is incremented by s0 (start) - s (cursor before the
freevars). It should be incremented by n as well:
    *index += n + s-s0;
Regards,
Paul
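
Added example (not part of the original post and not code from erl_interface): a toy decoder with a constructed record layout and hypothetical names (toy_fun, toy_decode_fun, byte_after_fun) that shows the effect of the cursor update described above. With the short update the next decode starts inside the free-variable bytes; with n added it starts at the term that follows. It also checks the malloc result that the FIXME flags.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy layout (an assumption, not the real external term format):
 *   tag(1) | size(4, big-endian, counts itself and all that follows) |
 *   arity(1) | free-variable bytes (the rest) */
typedef struct { long free_var_len; char *free_vars; } toy_fun;

/* fixed == 0 reproduces the cursor update from the report, fixed == 1 adds n. */
static int toy_decode_fun(const char *buf, int *index, toy_fun *p, int fixed)
{
    const char *s = buf + *index;
    const char *s0 = s;
    long n;

    s++;                                    /* skip tag */
    n = ((long)(uint8_t)s[0] << 24) | ((long)(uint8_t)s[1] << 16) |
        ((long)(uint8_t)s[2] << 8)  |  (long)(uint8_t)s[3];
    s += 4;                                 /* skip size */
    s++;                                    /* skip arity */
    n = n - (s - s0) + 1;                   /* what is left: free variables */
    if (n < 0) return -1;                   /* size smaller than the header */
    if (p != NULL) {
        p->free_var_len = n;
        p->free_vars = NULL;
        if (n > 0) {
            p->free_vars = malloc((size_t)n);
            if (p->free_vars == NULL) return -1;   /* checked allocation */
            memcpy(p->free_vars, s, (size_t)n);
        }
    }
    *index += (int)((fixed ? n : 0) + (s - s0));
    return 0;
}

/* Decode one fun, then return the byte the caller's cursor now points at. */
int byte_after_fun(int fixed)
{
    /* Constructed sample: size = 4 + 1 + 3 = 8, free vars "abc", marker 'Z'. */
    static const char buf[] = { 'F', 0, 0, 0, 8, 2, 'a', 'b', 'c', 'Z' };
    int index = 0;
    toy_fun f;

    if (toy_decode_fun(buf, &index, &f, fixed) != 0) return -1;
    free(f.free_vars);
    return buf[index];
}
```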