[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] emacs-25 1047496: Another fix for using pointer to buffer
From: |
Eli Zaretskii |
Subject: |
[Emacs-diffs] emacs-25 1047496: Another fix for using pointer to buffer text |
Date: |
Mon, 24 Oct 2016 14:00:25 +0000 (UTC) |
branch: emacs-25
commit 1047496722a58ef5b736dae64d32adeb58c5055c
Author: Eli Zaretskii <address@hidden>
Commit: Eli Zaretskii <address@hidden>
Another fix for using pointer to buffer text
* src/search.c (Freplace_match): Move the call to BYTE_POS_ADDR
after the call to xpalloc, to avoid the danger of buffer text
relocation after its address was taken. (Bug#24358)
---
src/search.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/search.c b/src/search.c
index 5c04916..f8acd40 100644
--- a/src/search.c
+++ b/src/search.c
@@ -2640,6 +2640,7 @@ since only regular expressions have distinguished
subexpressions. */)
const unsigned char *add_stuff = NULL;
ptrdiff_t add_len = 0;
ptrdiff_t idx = -1;
+ ptrdiff_t begbyte;
if (str_multibyte)
{
@@ -2702,11 +2703,10 @@ since only regular expressions have distinguished
subexpressions. */)
set up ADD_STUFF and ADD_LEN to point to it. */
if (idx >= 0)
{
- ptrdiff_t begbyte = CHAR_TO_BYTE (search_regs.start[idx]);
+ begbyte = CHAR_TO_BYTE (search_regs.start[idx]);
add_len = CHAR_TO_BYTE (search_regs.end[idx]) - begbyte;
if (search_regs.start[idx] < GPT && GPT < search_regs.end[idx])
move_gap_both (search_regs.start[idx], begbyte);
- add_stuff = BYTE_POS_ADDR (begbyte);
}
/* Now the stuff we want to add to SUBSTED
@@ -2719,6 +2719,11 @@ since only regular expressions have distinguished
subexpressions. */)
add_len - (substed_alloc_size - substed_len),
STRING_BYTES_BOUND, 1);
+ /* We compute this after the call to xpalloc, because that
+ could cause buffer text be relocated when ralloc.c is used. */
+ if (idx >= 0)
+ add_stuff = BYTE_POS_ADDR (begbyte);
+
/* Now add to the end of SUBSTED. */
if (add_stuff)
{
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Emacs-diffs] emacs-25 1047496: Another fix for using pointer to buffer text,
Eli Zaretskii <=