From f2d25c8341d4d24bc3444d1719c7dce051e2702f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Ekl=C3=B6f?= Date: Mon, 5 Feb 2024 12:52:40 +0100 Subject: [PATCH] script: fix buffer resize bug If the amount of data coming in is more than we can hold in our buffer, we resized the buffer by doubling its size. However, there were two(!) issues here: * If this was the first resize, the buffer size was set to 1024. This may not be enough (i.e. there may be more than 1024 bytes to process). * In all other cases, the buffer size was doubled. However, there is still no guarantee the buffer is large enough. Fix by looping until the buffer *is* large enough. --- CHANGELOG.md | 1 + modules/script.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dd2bfff..f1d6b0b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,6 +40,7 @@ ([#330][330]). * i3/sway: incorrect empty/title state of workspaces ([#343][343]). * mem: state updated on each bar redraw ([#352][352]). +* script: buffer overflow when reading large amounts of data. [311]: https://codeberg.org/dnkl/yambar/issues/311 [302]: https://codeberg.org/dnkl/yambar/issues/302 diff --git a/modules/script.c b/modules/script.c index 63928a6..0932cb2 100644 --- a/modules/script.c +++ b/modules/script.c @@ -298,7 +298,7 @@ data_received(struct module *mod, const char *data, size_t len) { struct private *m = mod->private; - if (len > m->recv_buf.sz - m->recv_buf.idx) { + while (len > m->recv_buf.sz - m->recv_buf.idx) { size_t new_sz = m->recv_buf.sz == 0 ? 1024 : m->recv_buf.sz * 2; char *new_buf = realloc(m->recv_buf.data, new_sz);
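Review bot: The new CHANGELOG.md entry `* script: buffer overflow when reading large amounts of data.` carries no issue reference, while the neighbouring entries in the same list end with one (`([#343][343])`, `([#352][352])`). If a tracker issue exists for this bug, add the reference and its link definition. If none exists, consider naming the receive-buffer resize in the entry so readers can tell which code path was affected.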
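Review bot: In data_received() in modules/script.c, turning the `if` into `while (len > m->recv_buf.sz - m->recv_buf.idx)` means the loop only terminates if every pass updates `m->recv_buf.sz`, and the lines after `realloc(m->recv_buf.data, new_sz)` are outside this hunk. Please confirm that a NULL return from realloc() leaves the function or breaks out, since a failure path that merely skips the assignment would now repeat the same realloc() indefinitely. It would also be cleaner to compute the final size first, doubling `new_sz` until `len <= new_sz - m->recv_buf.idx`, and call realloc() once rather than once per doubling. Two smaller points on the same lines: `m->recv_buf.sz * 2` has no guard against size_t wrap-around, and the subtraction in the condition relies on `idx <= sz`, so an assert or explicit check there would document the invariant on a path that handles incoming data.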