mirrors/emacs
1
Fork 0
mirror of git://git.sv.gnu.org/emacs.git synced 2025-12-18 11:50:38 -08:00
Code Issues Projects Releases Wiki Activity

Check for buffer and string overflow more precisely.

Browse source 
* buffer.h (BUF_BYTES_MAX): New macro.
* lisp.h (STRING_BYTES_MAX): New macro.
* alloc.c (Fmake_string):
* character.c (string_escape_byte8):
* coding.c (coding_alloc_by_realloc):
* doprnt.c (doprnt):
* editfns.c (Fformat):
* eval.c (verror):
Use STRING_BYTES_MAX, not MOST_POSITIVE_FIXNUM,
since they may not be the same number.
* editfns.c (Finsert_char):
* fileio.c (Finsert_file_contents):
Likewise for BUF_BYTES_MAX.
This commit is contained in:
Paul Eggert 2011-06-05 23:16:12 -07:00
parent dd52fcea06
commit d1f3d2afe1
10 changed files with 37 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/coding.c
View file

@ -1071,8 +1071,8 @@ coding_set_destination (struct coding_system *coding)
static void
coding_alloc_by_realloc (struct coding_system *coding, EMACS_INT bytes)
{
if (coding->dst_bytes >= MOST_POSITIVE_FIXNUM - bytes)
error ("Maximum size of buffer or string exceeded");
if (STRING_BYTES_MAX - coding->dst_bytes < bytes)
string_overflow ();
coding->destination = (unsigned char *) xrealloc (coding->destination,
coding->dst_bytes + bytes);
coding->dst_bytes += bytes;