From aa8a3b9e20ce37f09abfe1336b335a5f93d713c2 Mon Sep 17 00:00:00 2001
From: Nanang Izzuddin <nanang@teluu.com>
Date: Thu, 22 Nov 2012 05:00:01 +0000
Subject: Fix #1593: avoid wrap around in caching pool capacity value.

git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4298 74dad513-b988-da41-8d7b-12977e46ad98
---
 pjlib/include/pj/pool.h     | 2 +-
 pjlib/include/pj/pool_i.h   | 2 +-
 pjlib/src/pj/pool.c         | 4 ++--
 pjlib/src/pj/pool_caching.c | 8 ++++++--
 4 files changed, 10 insertions(+), 6 deletions(-)

(limited to 'pjlib')

diff --git a/pjlib/include/pj/pool.h b/pjlib/include/pj/pool.h
index 96c6de3b..3e9c76d5 100644
--- a/pjlib/include/pj/pool.h
+++ b/pjlib/include/pj/pool.h
@@ -509,7 +509,7 @@ PJ_INLINE(void*) pj_pool_zalloc(pj_pool_t *pool, pj_size_t size)
  * Internal functions
  */
 PJ_IDECL(void*) pj_pool_alloc_from_block(pj_pool_block *block, pj_size_t size);
-PJ_DECL(void*) pj_pool_allocate_find(pj_pool_t *pool, unsigned size);
+PJ_DECL(void*) pj_pool_allocate_find(pj_pool_t *pool, pj_size_t size);
 
 
 	
diff --git a/pjlib/include/pj/pool_i.h b/pjlib/include/pj/pool_i.h
index 54621969..2f5d407c 100644
--- a/pjlib/include/pj/pool_i.h
+++ b/pjlib/include/pj/pool_i.h
@@ -47,7 +47,7 @@ PJ_IDEF(void*) pj_pool_alloc_from_block( pj_pool_block *block, pj_size_t size )
     if (size & (PJ_POOL_ALIGNMENT-1)) {
 	size = (size + PJ_POOL_ALIGNMENT) & ~(PJ_POOL_ALIGNMENT-1);
     }
-    if ((unsigned)(block->end - block->cur) >= size) {
+    if ((pj_size_t)(block->end - block->cur) >= size) {
 	void *ptr = block->cur;
 	block->cur += size;
 	return ptr;
diff --git a/pjlib/src/pj/pool.c b/pjlib/src/pj/pool.c
index ff2aa1a6..623acd9c 100644
--- a/pjlib/src/pj/pool.c
+++ b/pjlib/src/pj/pool.c
@@ -88,7 +88,7 @@ static pj_pool_block *pj_pool_create_block( pj_pool_t *pool, pj_size_t size)
  * If no space is available in all the blocks, a new block might be created
  * (depending on whether the pool is allowed to resize).
  */
-PJ_DEF(void*) pj_pool_allocate_find(pj_pool_t *pool, unsigned size)
+PJ_DEF(void*) pj_pool_allocate_find(pj_pool_t *pool, pj_size_t size)
 {
     pj_pool_block *block = pool->block_list.next;
     void *p;
@@ -121,7 +121,7 @@ PJ_DEF(void*) pj_pool_allocate_find(pj_pool_t *pool, unsigned size)
     if (pool->increment_size < 
 	    size + sizeof(pj_pool_block) + PJ_POOL_ALIGNMENT) 
     {
-        unsigned count;
+        pj_size_t count;
         count = (size + pool->increment_size + sizeof(pj_pool_block) +
                  PJ_POOL_ALIGNMENT) / 
                 pool->increment_size;
diff --git a/pjlib/src/pj/pool_caching.c b/pjlib/src/pj/pool_caching.c
index 1e753025..763e9b04 100644
--- a/pjlib/src/pj/pool_caching.c
+++ b/pjlib/src/pj/pool_caching.c
@@ -178,7 +178,11 @@ static pj_pool_t* cpool_create_pool(pj_pool_factory *pf,
 	pj_pool_init_int(pool, name, increment_sz, callback);
 
 	/* Update pool manager's free capacity. */
-	cp->capacity -= pj_pool_get_capacity(pool);
+	if (cp->capacity > pj_pool_get_capacity(pool)) {
+	    cp->capacity -= pj_pool_get_capacity(pool);
+	} else {
+	    cp->capacity = 0;
+	}
 
 	PJ_LOG(6, (pool->obj_name, "pool reused, size=%u", pool->capacity));
     }
@@ -199,7 +203,7 @@ static pj_pool_t* cpool_create_pool(pj_pool_factory *pf,
 static void cpool_release_pool( pj_pool_factory *pf, pj_pool_t *pool)
 {
     pj_caching_pool *cp = (pj_caching_pool*)pf;
-    unsigned pool_capacity;
+    pj_size_t pool_capacity;
     unsigned i;
 
     PJ_CHECK_STACK();
-- 
cgit v1.2.3