diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2011-07-28 22:09:32 -0700 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2011-07-28 22:09:32 -0700 |
commit | 1d526e2f33eb2615944717c9231bc1d27aef1117 (patch) | |
tree | 4d3e817ce6d90f5f236876c3b603ba7ffdc4fda1 | |
parent | 864d7ce76d118b7bc157176a03a0a8a1b02fd989 (diff) | |
download | emacs-1d526e2f33eb2615944717c9231bc1d27aef1117.tar.gz |
* xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.
-rw-r--r-- | src/ChangeLog | 2 | ||||
-rw-r--r-- | src/xsmfns.c | 3 |
2 files changed, 5 insertions, 0 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index f8e5ca78b33..1f288a48f2f 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,5 +1,7 @@ 2011-07-29 Paul Eggert <eggert@cs.ucla.edu> + * xsmfns.c (smc_save_yourself_CB): Check for size calc overflow. + * xselect.c: Integer and memory overflow issues. (X_LONG_SIZE, X_USHRT_MAX, X_ULONG_MAX): New macros. Use them to make the following changes clearer. diff --git a/src/xsmfns.c b/src/xsmfns.c index cb56ae648d1..217087dbae7 100644 --- a/src/xsmfns.c +++ b/src/xsmfns.c @@ -223,6 +223,9 @@ smc_save_yourself_CB (SmcConn smcConn, props[props_idx]->name = xstrdup (SmRestartCommand); props[props_idx]->type = xstrdup (SmLISTofARRAY8); /* /path/to/emacs, --smid=xxx --no-splash --chdir=dir ... */ + if (min (INT_MAX, min (PTRDIFF_MAX, SIZE_MAX) / sizeof *vp) - 3 + < initial_argc) + memory_full (SIZE_MAX); i = 3 + initial_argc; props[props_idx]->num_vals = i; vp = (SmPropValue *) xmalloc (i * sizeof(*vp)); |