buffer: fix overflow check in evbuffer_expand_singlechain()

Refs: #306 Fixes: #340 Fixes: 20d6d4458bee5d88bda1511c225c25b2d3198d6c
2025-09-11 13:24:43 -04:00 · 2016-06-21 19:49:57 +03:00 · 2016-06-21 19:49:57 +03:00 · a3f4ccd1a1
commit a3f4ccd1a1
parent 48dab7aa33
1 changed files with 1 additions and 2 deletions
--- a/buffer.c
+++ b/buffer.c
@ -1982,8 +1982,7 @@ evbuffer_expand_singlechain(struct evbuffer *buf, size_t datlen)
 	/* Would expanding this chunk be affordable and worthwhile? */
 	if (CHAIN_SPACE_LEN(chain) < chain->buffer_len / 8 ||
 	    chain->off > MAX_TO_COPY_IN_EXPAND ||
-	    (datlen < EVBUFFER_CHAIN_MAX &&
-		EVBUFFER_CHAIN_MAX - datlen >= chain->off)) {
+		datlen >= (EVBUFFER_CHAIN_MAX - chain->off)) {
 		/* It's not worth resizing this chain. Can the next one be
 		 * used? */
 		if (chain->next && CHAIN_SPACE_LEN(chain->next) >= datlen) {