From 7451de5d9735e95be04d9e5613ae1118236e7668 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sat, 3 Apr 2004 02:55:42 +0000
Subject: Loops work better when they terminate.  Non-terminating loops are
 easier to diagnose when they don't trash the stack.

svn:r1460
---
 src/common/util.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/common/util.c')

diff --git a/src/common/util.c b/src/common/util.c
index 0b6c8d2c7..7a9301efb 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -113,7 +113,8 @@ void hex_encode(const char *from, int fromlen, char *to)
 {
   const unsigned char *fp = from;
   static const char TABLE[] = "0123456789abcdef";
-  while (fromlen) {
+  assert(from && fromlen>=0 && to);
+  while (fromlen--) {
     *to++ = TABLE[*fp >> 4];
     *to++ = TABLE[*fp & 7];
     ++fp;
@@ -219,11 +220,13 @@ void *smartlist_choose(smartlist_t *sl) {
 
 void *smartlist_get(smartlist_t *sl, int idx)
 {
+  assert(sl && idx>=0 && idx < sl->num_used);
   return sl->list[idx];
 }
 void *smartlist_set(smartlist_t *sl, int idx, void *val)
 {
   void *old;
+  assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = val;
   return old;
@@ -231,6 +234,7 @@ void *smartlist_set(smartlist_t *sl, int idx, void *val)
 void *smartlist_del(smartlist_t *sl, int idx)
 {
   void *old;
+  assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = sl->list[--sl->num_used];
   return old;
-- 
cgit v1.2.3