* xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.

author: Paul Eggert <eggert@cs.ucla.edu> 2011-07-28 22:09:32 -0700
committer: Paul Eggert <eggert@cs.ucla.edu> 2011-07-28 22:09:32 -0700
commit: 1d526e2f33eb2615944717c9231bc1d27aef1117 (patch)
tree: 4d3e817ce6d90f5f236876c3b603ba7ffdc4fda1
parent: 864d7ce76d118b7bc157176a03a0a8a1b02fd989 (diff)
download: emacs-1d526e2f33eb2615944717c9231bc1d27aef1117.tar.gz
2 files changed, 5 insertions, 0 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index f8e5ca78b33..1f288a48f2f 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,7 @@
 2011-07-29  Paul Eggert  <eggert@cs.ucla.edu>
 
+	* xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.
+
 	* xselect.c: Integer and memory overflow issues.
 	(X_LONG_SIZE, X_USHRT_MAX, X_ULONG_MAX): New macros.
 	Use them to make the following changes clearer.
diff --git a/src/xsmfns.c b/src/xsmfns.c
index cb56ae648d1..217087dbae7 100644
--- a/src/xsmfns.c
+++ b/src/xsmfns.c
@@ -223,6 +223,9 @@ smc_save_yourself_CB (SmcConn smcConn,
   props[props_idx]->name = xstrdup (SmRestartCommand);
   props[props_idx]->type = xstrdup (SmLISTofARRAY8);
   /* /path/to/emacs, --smid=xxx --no-splash --chdir=dir ... */
+  if (min (INT_MAX, min (PTRDIFF_MAX, SIZE_MAX) / sizeof *vp) - 3
+      < initial_argc)
+    memory_full (SIZE_MAX);
   i = 3 + initial_argc;
   props[props_idx]->num_vals = i;
   vp = (SmPropValue *) xmalloc (i * sizeof(*vp));
author	Paul Eggert <eggert@cs.ucla.edu>	2011-07-28 22:09:32 -0700
committer	Paul Eggert <eggert@cs.ucla.edu>	2011-07-28 22:09:32 -0700
commit	1d526e2f33eb2615944717c9231bc1d27aef1117 (patch)
tree	4d3e817ce6d90f5f236876c3b603ba7ffdc4fda1
parent	864d7ce76d118b7bc157176a03a0a8a1b02fd989 (diff)
download	emacs-1d526e2f33eb2615944717c9231bc1d27aef1117.tar.gz