author | Paul Eggert <eggert@cs.ucla.edu> | 2011-07-18 20:34:13 -0700 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2011-07-18 20:34:13 -0700 |
commit | e097a6fa863b26952a476e71a786fa7b2460277b (patch) | |
tree | 759c9146fe747732a9243b6070ed0a31317dc713 /src | |
parent | 5637687fead7d57f73ea9a7677d25b93fb785dc7 (diff) | |
download | emacs-e097a6fa863b26952a476e71a786fa7b2460277b.tar.gz |
* charset.c (Fdefine_charset_internal): Check for integer overflow.
Add a FIXME comment about memory leaks.
(syms_of_charset): Don't assume xmalloc returns.
Diffstat (limited to 'src')
-rw-r--r-- | src/ChangeLog | 4 | ||||
-rw-r--r-- | src/charset.c | 20 |
2 files changed, 21 insertions, 3 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index 54ce0c8df4e..4a9e03d5da0 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,5 +1,9 @@ 2011-07-19 Paul Eggert <eggert@cs.ucla.edu> + * charset.c (Fdefine_charset_internal): Check for integer overflow. + Add a FIXME comment about memory leaks. + (syms_of_charset): Don't assume xmalloc returns. + Don't assume that stated character widths fit in int. * character.c (Fchar_width, c_string_width, lisp_string_width): * character.h (CHAR_WIDTH): diff --git a/src/charset.c b/src/charset.c index e2bfcd08671..852aeb19bcb 100644 --- a/src/charset.c +++ b/src/charset.c @@ -1150,13 +1150,28 @@ usage: (define-charset-internal ...) */) hash_code); if (charset_table_used == charset_table_size) { - struct charset *new_table + struct charset *new_table; + /* Ensure that charset IDs fit into 'int' as well as into the + restriction imposed by fixnums, ptrdiff_t, and size_t. + Although the 'int' restriction could be removed, too much other + code would need altering; for example, the IDs are stuffed into + struct coding_system.charbuf[i] entries, which are 'int'. */ + int charset_table_size_max = + min (min (INT_MAX, MOST_POSITIVE_FIXNUM), + min (PTRDIFF_MAX, SIZE_MAX) / sizeof (struct charset)); + if (charset_table_size_max - 16 < charset_table_size) + memory_full (SIZE_MAX); + new_table = (struct charset *) xmalloc (sizeof (struct charset) * (charset_table_size + 16)); memcpy (new_table, charset_table, sizeof (struct charset) * charset_table_size); charset_table_size += 16; charset_table = new_table; + /* FIXME: Doesn't this leak memory? The old charset_table + becomes unreachable. If the memory leak is intentional, + a comment should be added to explain this. If not, the + old charset_table should be freed, using xfree. */ } id = charset_table_used++; new_definition_p = 1; 
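Review bot: The new overflow guard in the charset.c hunk is only correct while the literal `16` in `charset_table_size_max - 16 < charset_table_size` matches the `+ 16` in the xmalloc size and in `charset_table_size += 16`. Nothing ties the three together, so a later change to the growth step in one place could let the size computation go past the bound that was checked. A single named constant used in all three places, for example `enum { charset_table_growth = 16 };`, would keep the check and the allocation in step. On the FIXME, before the old table is ever passed to `xfree` it is worth confirming that no `struct charset *` taken from the old `charset_table` is still held across this call (not visible in this hunk), because freeing it would then replace the leak with a dangling pointer. Fdefine_charset_internal starts and ends outside the hunk.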
@@ -2347,9 +2362,8 @@ syms_of_charset (void) Vcharset_hash_table = Fmake_hash_table (2, args); } + charset_table = (struct charset *) xmalloc (sizeof (struct charset) * 128); charset_table_size = 128; - charset_table = ((struct charset *) - xmalloc (sizeof (struct charset) * charset_table_size)); charset_table_used = 0; defsubr (&Scharsetp); |
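Review bot: The initial capacity `128` is now written twice, once in the xmalloc size and once in `charset_table_size = 128;`, so the allocated size and the recorded capacity can drift apart if only one is edited. The growth path in Fdefine_charset_internal copies `charset_table_size` elements out of this table, so a recorded capacity larger than the allocation would presumably lead to an out-of-bounds read there. A named constant such as `enum { charset_table_init_size = 128 };` used on both lines avoids that. The reason for the new ordering is also not stated in the code; a short comment like `/* Record the size only after xmalloc has succeeded; xmalloc might not return. */` above the assignment would keep a later cleanup from merging the two lines again. syms_of_charset continues outside the hunk.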