From 4b65a562a59ce79ec03a4d1720af8eedaeca5af9 Mon Sep 17 00:00:00 2001
From: Pavel Borzenkov <pavel.borzenkov@auriga.com>
Date: Fri, 15 Apr 2011 13:17:26 +0100
Subject: [PATCH] Fix segfault in libwebsocket_write()

Since 'shift' has unsigned integer type,
the following code may lead to infinite cycle
and segfault:

    while (shift >= 0) {
    	if (shift)
    		buf[0 - pre + n] =
    			((len >> shift) & 127) | 0x80;
    	else
    		buf[0 - pre + n] =
    			((len >> shift) & 127);
    	n++;
    	shift -= 7;
    }

Change type to signed integer.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@auriga.com>
---
 lib/parsers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/parsers.c b/lib/parsers.c
index 7e1e900..4f1c792 100644
--- a/lib/parsers.c
+++ b/lib/parsers.c
@@ -1115,7 +1115,7 @@ int libwebsocket_write(struct libwebsocket *wsi, unsigned char *buf,
 	int m;
 	int pre = 0;
 	int post = 0;
-	unsigned int shift = 7;
+	int shift = 7;
 	struct lws_tokens eff_buf;
 	int ret;
 
-- 
2.7.4