Merge from trunk.

author: Paul Eggert <eggert@cs.ucla.edu> 2011-06-02 01:25:28 -0700
committer: Paul Eggert <eggert@cs.ucla.edu> 2011-06-02 01:25:28 -0700
commit: 275a5dd65098a2d6fcc14c21f805fc8d5e4479ee (patch)
tree: a03e79b0a7c066940ed02cd11927c7fd4080f092 /src/alloc.c
parent: 97f4ea979720e535ade3fe0055fb710e18fb7b5d (diff)
parent: f797625a8ca7bc973b6943c6fce97f1e479a283d (diff)
download: emacs-275a5dd65098a2d6fcc14c21f805fc8d5e4479ee.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/src/alloc.c b/src/alloc.c
index 6b901d5465e..4449dd989de 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -157,7 +157,7 @@ struct emacs_globals globals;
 
 /* Number of bytes of consing done since the last gc.  */
 
-int consing_since_gc;
+EMACS_INT consing_since_gc;
 
 /* Similar minimum, computed from Vgc_cons_percentage.  */
 
@@ -2789,6 +2789,11 @@ allocate_vectorlike (EMACS_INT len)
 {
   struct Lisp_Vector *p;
   size_t nbytes;
+  int header_size = offsetof (struct Lisp_Vector, contents);
+  int word_size = sizeof p->contents[0];
+
+  if ((SIZE_MAX - header_size) / word_size < len)
+    memory_full ();
 
   MALLOC_BLOCK_INPUT;
 
@@ -2802,8 +2807,7 @@ allocate_vectorlike (EMACS_INT len)
   /* This gets triggered by code which I haven't bothered to fix.  --Stef  */
   /* eassert (!handling_signal); */
 
-  nbytes = (offsetof (struct Lisp_Vector, contents)
-	    + len * sizeof p->contents[0]);
+  nbytes = header_size + len * word_size;
   p = (struct Lisp_Vector *) lisp_malloc (nbytes, MEM_TYPE_VECTORLIKE);
 
 #ifdef DOUG_LEA_MALLOC
author	Paul Eggert <eggert@cs.ucla.edu>	2011-06-02 01:25:28 -0700
committer	Paul Eggert <eggert@cs.ucla.edu>	2011-06-02 01:25:28 -0700
commit	275a5dd65098a2d6fcc14c21f805fc8d5e4479ee (patch)
tree	a03e79b0a7c066940ed02cd11927c7fd4080f092 /src/alloc.c
parent	97f4ea979720e535ade3fe0055fb710e18fb7b5d (diff)
parent	f797625a8ca7bc973b6943c6fce97f1e479a283d (diff)
download	emacs-275a5dd65098a2d6fcc14c21f805fc8d5e4479ee.tar.gz