On Mon, Jun 9, 2008 at 2:29 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:
> On Sun, 8 Jun 2008, Brock Noland wrote:
>
>> http://curl.haxx.se/mail/curlphp-2008-06/0021.html
>>
>> I seem to have found a bug in Curl_fillreadbuffer.
>
> [...]
>
>> else if((size_t)nread > buffersize)
>> /* the read function returned a too large value */
>> return CURLE_READ_ERROR;
>
>> If nread is -1, when cast to size_t, its a very large number.
>
> Yes, but why is that a bug in libcurl? In what legitimate use case does the
> read function return -1?
>
> It is evem documented to return a 'size_t' which on all modern operation
> systems is an unsigned type.

Woops, I guess thats why I said ``seem to have''! :)

I see php is providing a call back, curl_read, which is returning -1.

static size_t curl_read(char *data, size_t size, size_t nmemb, void *ctx)
{
    php_curl *ch = (php_curl *) ctx;
    php_curl_read *t = ch->handlers->read;
    int length = -1;

...

    return length;
}

Respectfully,
Brock
Received on 2008-06-09