Narrow pointer bounds when appropriate

This typically occurs in a storage manager, where the caller is expected to access only the newly-allocated object, instead of using the returned value to access unrelated parts of the heap. * src/alloc.c (allocate_string, allocate_string_data) (compact_small_strings, find_string_data_in_pure) (sweep_strings, setup_on_free_list, allocate_vectorlike (pure_alloc): * src/bytecode.c (exec_byte_code): * src/callint.c (Fcall_interactively): * src/dispnew.c (scrolling): * src/editfns.c (styled_format): * src/frame.c (xrdb_get_resource, x_get_resource_string): * src/fringe.c (Fdefine_fringe_bitmap): * src/gmalloc.c (malloc, realloc, aligned_alloc): Narrow pointer bounds when appropriate. * src/alloc.c (SDATA_OF_STRING): * src/lisp.h (make_lisp_symbol) [__CHKP__]: Widen bounds here, though. * src/bytecode.c, src/callint.c, src/dispnew.c, src/editfns.c: * src/emacs.c, src/frame.c, src/fringe.c: Include ptr-bounds.h. * src/ptr-bounds.h (ptr_bounds_clip): New function.
2026-04-22 05:51:11 -07:00 · 2017-12-09 13:57:38 -08:00 · 2017-12-09 13:57:38 -08:00 · 4295050e11
commit 4295050e11
parent 881abfc7fb
11 changed files with 93 additions and 29 deletions
--- a/src/bytecode.c
+++ b/src/bytecode.c
@ -24,6 +24,7 @@ along with GNU Emacs.  If not, see <https://www.gnu.org/licenses/>.  */
 #include "character.h"
 #include "buffer.h"
 #include "keyboard.h"
+#include "ptr-bounds.h"
 #include "syntax.h"
 #include "window.h"

@ -363,13 +364,15 @@ exec_byte_code (Lisp_Object bytestr, Lisp_Object vector, Lisp_Object maxdepth,
  unsigned char quitcounter = 1;
  EMACS_INT stack_items = XFASTINT (maxdepth) + 1;
  USE_SAFE_ALLOCA;
-  Lisp_Object *stack_base;
-  SAFE_ALLOCA_LISP_EXTRA (stack_base, stack_items, bytestr_length);
-  Lisp_Object *stack_lim = stack_base + stack_items;
+  void *alloc;
+  SAFE_ALLOCA_LISP_EXTRA (alloc, stack_items, bytestr_length);
+  ptrdiff_t item_bytes = stack_items * word_size;
+  Lisp_Object *stack_base = ptr_bounds_clip (alloc, item_bytes);
  Lisp_Object *top = stack_base;
-  memcpy (stack_lim, SDATA (bytestr), bytestr_length);
-  void *void_stack_lim = stack_lim;
-  unsigned char const *bytestr_data = void_stack_lim;
+  Lisp_Object *stack_lim = stack_base + stack_items;
+  unsigned char *bytestr_data = alloc;
+  bytestr_data = ptr_bounds_clip (bytestr_data + item_bytes, bytestr_length);
+  memcpy (bytestr_data, SDATA (bytestr), bytestr_length);
  unsigned char const *pc = bytestr_data;
  ptrdiff_t count = SPECPDL_INDEX ();