Fix enqueuing of characters in ttyinput_many by wrapping the call to b_to_q in a loop. This was probably intended by the authors, as they subtract the number of enqueued characters from count.
Found using the Clang Static Analyzer. * device/chario.c (ttyinput_many): Fix enqueuing of characters. --- device/chario.c | 1 + 1 file changed, 1 insertion(+) diff --git a/device/chario.c b/device/chario.c index c40705e..559396d 100644 --- a/device/chario.c +++ b/device/chario.c @@ -1013,6 +1013,7 @@ void ttyinput_many( * Do not want to overflow input queue */ if (tp->t_inq.c_cc < tp->t_inq.c_hog) + while (count > 0) count -= b_to_q( chars, count, &tp->t_inq); tty_queue_completion(&tp->t_delayed_read); -- 1.7.10.4
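Review bot: the added `while (count > 0)` loop passes the same `chars` pointer to `b_to_q` on every iteration, so after a partial enqueue the next pass would queue the first bytes again rather than the remainder, and if a call makes no progress (for example because the queue is full) `count` never drops and the loop does not terminate. The `tp->t_inq.c_cc < tp->t_inq.c_hog` test also stays outside the loop, so it is evaluated once and repeated calls can run past the hog limit that the "Do not want to overflow input queue" comment is guarding. Suggest storing the return value, advancing `chars` by the number of characters actually queued, re-checking the hog limit on each pass, and breaking out when nothing was queued. Please also state in the commit message what `b_to_q` returns: the change assumes it is the number of characters enqueued, and if it is instead the number left over, the subtraction is wrong with or without the loop.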