From 1b7cf52f87fe744219d2921aa4b95012171f0467 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 1 Dec 2016 02:14:55 +0000
Subject: [PATCH] adns_processwriteable: assert that write did not write more
 than we asked

This is better than proceeding to make tcpsend.used negative.

Should this ever happens, which it doesn't except under AFL, because
of a bug in hfuzzraw.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 src/event.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/event.c b/src/event.c
index 8cfaef5..95386f4 100644
--- a/src/event.c
+++ b/src/event.c
@@ -488,6 +488,7 @@ int adns_processwriteable(adns_state ads, int fd, const struct timeval *now) {
 	adns__tcp_broken(ads,"write",strerror(errno));
 	r= 0; goto xit;
       } else if (r>0) {
+	assert(r <= ads->tcpsend.used);
 	ads->tcpsend.used -= r;
 	memmove(ads->tcpsend.buf,ads->tcpsend.buf+r,ads->tcpsend.used);
       }
-- 
2.30.2