From d9528c265b96a5a0f0c2e43ac74ab3921a2987e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lorenz=20K=C3=A4stle?=
 <12514511+RincewindsHat@users.noreply.github.com>
Date: Mon, 30 Jan 2023 12:45:20 +0100
Subject: check_http: Fix memory reallocation error in chunk decoding logic

This patch should fix an error with the way memory reallocation was
used, which resulted in "realloc(): invalid next size".
It is not completely clear to me as to what caused this problem, but
apparently one can not depend handing a pointer to "realloc(3)" and
expect that it still works afterwards, but one should/must use the one
returned by the function.

Also this patch replaces a variable which was used to remember the
position in the array by just computing that from the current values.

diff --git a/plugins/check_http.c b/plugins/check_http.c
index a9c2238..c23625e 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1399,7 +1399,6 @@ char *unchunk_content(const char *content) {
   char *endptr;
   long length_of_chunk = 0;
   size_t overall_size = 0;
-  char *result_ptr;
 
   while (true) {
     size_of_chunk = strtol(pointer, &endptr, 16);
@@ -1446,7 +1445,6 @@ char *unchunk_content(const char *content) {
         }
         return NULL;
       }
-      result_ptr = result;
     } else {
       void *tmp = realloc(result, overall_size);
       if (tmp == NULL) {
@@ -1454,11 +1452,12 @@ char *unchunk_content(const char *content) {
           printf("Failed to allocate memory for unchunked body\n");
         }
         return NULL;
+      } else {
+        result = tmp;
       }
     }
 
-    memcpy(result_ptr, start_of_chunk, size_of_chunk);
-    result_ptr = result_ptr + size_of_chunk;
+    memcpy(result + (overall_size - size_of_chunk), start_of_chunk, size_of_chunk);
   }
 
   result[overall_size] = '\0';
-- 
cgit v0.10-9-g596f