This code in camessage.c looks sketchy. It seems that the else part of the if clause does not consider where stk is, and could push stk to be greater than cnt.
if ( client->recvBytesToDrain ) { if ( client->recvBytesToDrain >= client->recv.cnt ) { client->recvBytesToDrain -= client->recv.cnt; client->recv.stk = client->recv.cnt; return RSRV_OK; } else { client->recv.stk += client->recvBytesToDrain; client->recvBytesToDrain = 0u; } }
This code in camessage.c looks sketchy. It seems that the else part of the if clause does not consider where stk is, and could push stk to be greater than cnt.
if ( client- >recvBytesToDra in ) { >recvBytesToDra in >= client->recv.cnt ) {
client- >recvBytesToDra in -= client->recv.cnt;
client- >recv.stk = client->recv.cnt;
client- >recv.stk += client- >recvBytesToDra in;
client- >recvBytesToDra in = 0u;
if ( client-
return RSRV_OK;
}
else {
}
}