From c9d624c605059127505b6d4baec8f07d6ff731d9 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Wed, 8 Jun 2011 10:22:24 -0700 Subject: * alloc.c: Catch some string size overflows that we were missing. (XMALLOC_OVERRUN_CHECK_SIZE) [!XMALLOC_OVERRUN_CHECK]: Define to 0, for convenience in STRING_BYTES_MAX. (STRING_BYTES_MAX): New macro, superseding the old one in lisp.h. The definition here is exact; the one in lisp.h was approximate. (allocate_string_data): Check for string overflow. This catches some instances we weren't catching before. Also, it catches size_t overflow on (unusual) hosts where SIZE_MAX <= min (PTRDIFF_MAX, MOST_POSITIVE_FIXNUM), e.g., when size_t is 32 bits and ptrdiff_t and EMACS_INT are both 64 bits. * character.c, coding.c, doprnt.c, editfns.c, eval.c: All uses of STRING_BYTES_MAX replaced by STRING_BYTES_BOUND. * lisp.h (STRING_BYTES_BOUND): Renamed from STRING_BYTES_MAX. --- src/character.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/character.c') diff --git a/src/character.c b/src/character.c index fe8be7084f0..aae3e3c0de6 100644 --- a/src/character.c +++ b/src/character.c @@ -838,7 +838,7 @@ string_escape_byte8 (Lisp_Object string) if (multibyte) { if ((MOST_POSITIVE_FIXNUM - nchars) / 3 < byte8_count - || (STRING_BYTES_MAX - nbytes) / 2 < byte8_count) + || (STRING_BYTES_BOUND - nbytes) / 2 < byte8_count) string_overflow (); /* Convert 2-byte sequence of byte8 chars to 4-byte octal. */ @@ -847,7 +847,7 @@ string_escape_byte8 (Lisp_Object string) } else { - if ((STRING_BYTES_MAX - nbytes) / 3 < byte8_count) + if ((STRING_BYTES_BOUND - nbytes) / 3 < byte8_count) string_overflow (); /* Convert 1-byte sequence of byte8 chars to 4-byte octal. */ -- cgit v1.2.1