[Emacs-diffs] trunk r117940: Avoid signed integer overflow when converti

emacs-diffs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] trunk r117940: Avoid signed integer overflow when converti

From:	Paul Eggert
Subject:	[Emacs-diffs] trunk r117940: Avoid signed integer overflow when converting Time to ptrdiff_t.
Date:	Wed, 24 Sep 2014 20:30:34 +0000
User-agent:	Bazaar (2.6b2)

------------------------------------------------------------
revno: 117940
revision-id: address@hidden
parent: address@hidden
author: Paul Eggert  <address@hidden>
committer: Paul Eggert <address@hidden>
branch nick: trunk
timestamp: Wed 2014-09-24 13:30:28 -0700
message:
  Avoid signed integer overflow when converting Time to ptrdiff_t.
  
  * keyboard.c (INPUT_EVENT_POS_MAX, INPUT_EVENT_POS_MIN):
  New macros.
  (position_to_Time, Time_to_position): New functions.
  (gen_help_event, kbd_buffer_get_event): Use them.
  * systime.h (Time) [emacs && !HAVE_X_WINDOWS]:
  Go back to plain 'unsigned long', so that 'Time' is the same
  for both X and non-X builds; this is less likely to cause surprise.
  * termhooks.h: Remove compile-time check that Time and ptrdiff_t
  are the same size; this is no longer required.
modified:
  src/ChangeLog                  changelog-20091113204419-o5vbwnq5f7feedwu-1438
  src/keyboard.c                 keyboard.c-20091113204419-o5vbwnq5f7feedwu-449
  src/systime.h                  systime.h-20091113204419-o5vbwnq5f7feedwu-510
  src/termhooks.h                termhooks.h-20091113204419-o5vbwnq5f7feedwu-249

=== modified file 'src/ChangeLog'
--- a/src/ChangeLog     2014-09-24 18:25:04 +0000
+++ b/src/ChangeLog     2014-09-24 20:30:28 +0000
@@ -1,5 +1,16 @@
 2014-09-24  Paul Eggert  <address@hidden>
 
+       Avoid signed integer overflow when converting Time to ptrdiff_t.
+       * keyboard.c (INPUT_EVENT_POS_MAX, INPUT_EVENT_POS_MIN):
+       New macros.
+       (position_to_Time, Time_to_position): New functions.
+       (gen_help_event, kbd_buffer_get_event): Use them.
+       * systime.h (Time) [emacs && !HAVE_X_WINDOWS]:
+       Go back to plain 'unsigned long', so that 'Time' is the same
+       for both X and non-X builds; this is less likely to cause surprise.
+       * termhooks.h: Remove compile-time check that Time and ptrdiff_t
+       are the same size; this is no longer required.
+
        * keyboard.c (make_lispy_event): Avoid unnecessary tests
        of bit 28 and of whether an unsigned value is negative.
        This simplifies the code a bit, and pacifies clang 3.4.

=== modified file 'src/keyboard.c'
--- a/src/keyboard.c    2014-09-24 18:25:04 +0000
+++ b/src/keyboard.c    2014-09-24 20:30:28 +0000
@@ -3729,6 +3729,34 @@
     }
 }
 
+/* Limit help event positions to this range, to avoid overflow problems.  */
+#define INPUT_EVENT_POS_MAX \
+  ((ptrdiff_t) min (PTRDIFF_MAX, min (TYPE_MAXIMUM (Time) / 2, \
+                                     MOST_POSITIVE_FIXNUM)))
+#define INPUT_EVENT_POS_MIN (-1 - INPUT_EVENT_POS_MAX)
+
+/* Return a Time that encodes position POS.  POS must be in range.  */
+
+static Time
+position_to_Time (ptrdiff_t pos)
+{
+  eassert (INPUT_EVENT_POS_MIN <= pos && pos <= INPUT_EVENT_POS_MAX);
+  return pos;
+}
+
+/* Return the position that ENCODED_POS encodes.
+   Avoid signed integer overflow.  */
+
+static ptrdiff_t
+Time_to_position (Time encoded_pos)
+{
+  if (encoded_pos <= INPUT_EVENT_POS_MAX)
+    return encoded_pos;
+  Time encoded_pos_min = INPUT_EVENT_POS_MIN;
+  eassert (encoded_pos_min <= encoded_pos);
+  ptrdiff_t notpos = -1 - encoded_pos;
+  return -1 - notpos;
+}
 
 /* Generate a HELP_EVENT input_event and store it in the keyboard
    buffer.
@@ -3752,7 +3780,7 @@
   event.arg = object;
   event.x = WINDOWP (window) ? window : frame;
   event.y = help;
-  event.timestamp = pos;
+  event.timestamp = position_to_Time (pos);
   kbd_buffer_store_event (&event);
 }
 
@@ -4084,7 +4112,7 @@
 
          frame = event->frame_or_window;
          object = event->arg;
-         position = make_number (event->timestamp);
+         position = make_number (Time_to_position (event->timestamp));
          window = event->x;
          help = event->y;
          clear_event (event);

=== modified file 'src/systime.h'
--- a/src/systime.h     2014-09-24 10:06:53 +0000
+++ b/src/systime.h     2014-09-24 20:30:28 +0000
@@ -19,7 +19,6 @@
 #ifndef EMACS_SYSTIME_H
 #define EMACS_SYSTIME_H
 
-#include <sys/types.h>
 #include <timespec.h>
 
 INLINE_HEADER_BEGIN
@@ -28,7 +27,7 @@
 # ifdef HAVE_X_WINDOWS
 #  include <X11/X.h>
 # else
-typedef size_t Time;
+typedef unsigned long Time;
 # endif
 #endif
 

=== modified file 'src/termhooks.h'
--- a/src/termhooks.h   2014-09-24 07:17:51 +0000
+++ b/src/termhooks.h   2014-09-24 20:30:28 +0000
@@ -288,9 +288,6 @@
   Lisp_Object arg;
 };
 
-/* To make sure we don't break HELP_EVENT.  */
-verify (sizeof (Time) == sizeof (ptrdiff_t));
-
 #define EVENT_INIT(event) memset (&(event), 0, sizeof (struct input_event))
 
 /* Bits in the modifiers member of the input_event structure.

[Prev in Thread]

Current Thread

[Next in Thread]

[Emacs-diffs] trunk r117940: Avoid signed integer overflow when converting Time to ptrdiff_t., Paul Eggert <=

Prev by Date: [Emacs-diffs] trunk r117939: * lisp/find-cmd.el (find-cmd): Use grep's `find-program'.
Next by Date: [Emacs-diffs] trunk r117941: Default to stack objects on non-GNU/Linux, non-DOS_NT platforms.
Previous by thread: [Emacs-diffs] trunk r117939: * lisp/find-cmd.el (find-cmd): Use grep's `find-program'.
Next by thread: [Emacs-diffs] trunk r117941: Default to stack objects on non-GNU/Linux, non-DOS_NT platforms.
Index(es):
- Date
- Thread