[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashe
From: |
Paul Eggert |
Subject: |
bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs) |
Date: |
Sat, 30 Jul 2011 12:16:34 -0700 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11 |
I take your point that the checks add clutter, so I'll
revise the patch to address that problem, by adding a
couple of memory allocators that do the proper overflow
checking internally, so that callers don't need to
test for integer overflow.
This will take a bit of time to prepare and test, so
please bear with me, but to give you a feel here's a draft
of the revised patch to xgselect.c. This simplifies
xgselect.c compared to what's in the trunk now.
--- src/xgselect.c 2011-07-01 09:18:46 +0000
+++ src/xgselect.c 2011-07-30 18:19:51 +0000
@@ -54,10 +54,8 @@
do {
if (n_gfds > gfds_size)
{
- while (n_gfds > gfds_size)
- gfds_size *= 2;
xfree (gfds);
- gfds = xmalloc (sizeof (*gfds) * gfds_size);
+ gfds = xpmalloc (&gfds_size, n_gfds - gfds_size, INT_MAX, sizeof
*gfds);
}
n_gfds = g_main_context_query (context,
On 07/29/11 22:52, Jan Djärv wrote:
> the checks that check for more than 2 billion command line arguments
Those checks are necessary for GNU/Hurd, which places
no limit on command line arguments, which means argc + 2
can overflow. That being said, the revised patch will address
the clutter problem for the command-line issue as well, and
the resulting emacs.c will be simpler than what's in the
trunk now.
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Paul Eggert, 2011/07/29
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Jan Djärv, 2011/07/29
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Paul Eggert, 2011/07/29
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Jan Djärv, 2011/07/29
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Paul Eggert, 2011/07/29
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Jan Djärv, 2011/07/30
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs),
Paul Eggert <=
- bug#9196: integer and memory overflow issues (e.g., cut-and-paste crashes Emacs), Jan Djärv, 2011/07/31