
Because I cannot reproduce

Because I cannot reproduce the bug, could you please provide more details about the bug 'environment'.

If the crashes are in the memchr() call, this may be caused *ONLY* by an 'out of buffer' memchr run.
So, you have the &buff[0] address (in main) and the size. memchr is called on some internal sub-buffer:
memchr(buf+offt,0xff,size-offt)

So the questions are:
1) is buf (buffer begin) within your buff[...]?
2) is buf+size (in the memchr context) within your buff[...]?

-- Alex Tutubalin @LibRaw LLC
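One way to answer those two questions in code before the call is made, as an added example that is not part of this comment or of LibRaw: a check that compares the sub-buffer memchr would scan against the real allocation, plus a wrapper that only calls memchr when the check passes. The helper names, the `why` out-parameter and the constructed 64-byte sample buffer are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result of checking one memchr(buf+offt, 0xff, size-offt) call against the
 * allocation buff[0..bufflen). Hypothetical names, not LibRaw's. */
typedef enum {
    SUB_OK = 0,
    SUB_OFFSET_PAST_SIZE,  /* offt > size: size-offt wraps to a huge length */
    SUB_START_BELOW,       /* question 1: buf+offt starts before buff[0]    */
    SUB_START_PAST_END,    /* question 1: buf+offt starts past the end       */
    SUB_END_PAST_END       /* question 2: buf+size runs past the end         */
} sub_check_t;

sub_check_t check_subbuffer(const unsigned char *buff, size_t bufflen,
                            const unsigned char *buf, size_t size, size_t offt)
{
    /* Compare as integers: pointer arithmetic outside the object is UB in C. */
    uintptr_t lo = (uintptr_t)buff, hi = lo + bufflen;
    uintptr_t start = (uintptr_t)buf + offt, end = (uintptr_t)buf + size;
    if (offt > size)  return SUB_OFFSET_PAST_SIZE;
    if (start < lo)   return SUB_START_BELOW;
    if (start > hi)   return SUB_START_PAST_END;
    if (end > hi)     return SUB_END_PAST_END;
    return SUB_OK;
}

/* Calls memchr only when the scan stays inside buff; otherwise NULL and *why. */
const unsigned char *safe_memchr_ff(const unsigned char *buff, size_t bufflen,
                                    const unsigned char *buf, size_t size,
                                    size_t offt, sub_check_t *why)
{
    *why = check_subbuffer(buff, bufflen, buf, size, offt);
    if (*why != SUB_OK) return NULL;
    return memchr(buf + offt, 0xff, size - offt);
}

/* Constructed sample: 64 zero bytes with the only 0xff at index 40. */
size_t demo_offset_found(void)
{
    unsigned char buff[64]; sub_check_t why;
    memset(buff, 0, sizeof buff); buff[40] = 0xff;
    const unsigned char *p = safe_memchr_ff(buff, sizeof buff, buff, sizeof buff, 16, &why);
    return p ? (size_t)(p - buff) : (size_t)-1;
}

/* Inner code that advanced buf by 8 but kept size = 64: the scan would overrun. */
sub_check_t demo_overrun(void)
{
    unsigned char buff[64]; sub_check_t why;
    memset(buff, 0, sizeof buff);
    safe_memchr_ff(buff, sizeof buff, buff + 8, sizeof buff, 0, &why);
    return why;
}
```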