From 7c3f19c079afcea8c07e571dd07f7ef03de86b8e Mon Sep 17 00:00:00 2001
From: grischka
Date: Tue, 2 Dec 2008 02:34:58 +0100
Subject: [PATCH] fix data overflow with init_putv

The simplest code to reproduce this bug seems to be int a[][] = {{1,1,1,1,1,1,1}};
---
 tcc.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tcc.c b/tcc.c
index 0bfc5c01..772b1710 100644
--- a/tcc.c
+++ b/tcc.c
@@ -8808,6 +8808,10 @@ static void init_putv(CType *type, Section *sec, unsigned long c,
 /* XXX: generate error if incorrect relocation */
 gen_assign_cast(&dtype);
 bt = type->t & VT_BTYPE;
+ /* we'll write at most 12 bytes */
+ if (c + 12 > sec->data_allocated) {
+ section_realloc(sec, c + 12);
+ }
 ptr = sec->data + c;
 /* XXX: make code faster ? */
 if (!(type->t & VT_BITFIELD)) {
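Review bot: The bound `12` in the new guard is a hard-coded assumption about the widest store init_putv performs, and nothing in the hunk ties it to the stores that follow, so a wider basic type added later would silently reintroduce the overflow the commit fixes; give it a name and document the coupling, e.g. replace the added comment with `/* must cover the largest single store made below (presumably the widest basic type); keep in sync with the store code */`, or derive the needed size from the type being written instead of a constant. The check itself is sound as far as the hunk shows (`c + 12 > sec->data_allocated` grows the section before `ptr = sec->data + c` is taken), provided section_realloc grows the buffer to at least the requested size and updates `sec->data` — section_realloc is not visible here, so that should be confirmed. init_putv starts and ends outside the hunk.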