aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPip Cet2025-02-03 20:40:34 +0000
committerPip Cet2025-02-03 20:52:57 +0000
commit14ebe4d5dbd4e6637de227c8561aab22cf4b632c (patch)
tree57d7dcb78458e1bb671549e80f41a2bb36be3012
parentb5316e1ddb728ab7502e2b2fffcc84e9c47316dd (diff)
downloademacs-14ebe4d5dbd4e6637de227c8561aab22cf4b632c.tar.gz
emacs-14ebe4d5dbd4e6637de227c8561aab22cf4b632c.zip
Fix GC-related crashes in styled_format (bug#75754)
This approach ensures we don't use an SSDATA pointer after GC, and that no Lisp callback code can modify the format string while we're working on it. * src/editfns.c (styled_format): Operate on a copy of the format string rather than the original. Ensure final NUL byte is copied.
Diffstat
-rw-r--r--src/editfns.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/editfns.c b/src/editfns.c
index 4ba356d627c..f9258392146 100644
--- a/src/editfns.c
+++ b/src/editfns.c
@@ -3442,9 +3442,10 @@ styled_format (ptrdiff_t nargs, Lisp_Object *args, bool message)
3442 } *info; 3442 } *info;
3443 3443
3444 CHECK_STRING (args[0]); 3444 CHECK_STRING (args[0]);
3445 char *format_start = SSDATA (args[0]);
3446 bool multibyte_format = STRING_MULTIBYTE (args[0]); 3445 bool multibyte_format = STRING_MULTIBYTE (args[0]);
3447 ptrdiff_t formatlen = SBYTES (args[0]); 3446 ptrdiff_t formatlen = SBYTES (args[0]);
3447 char *format_start = SAFE_ALLOCA (formatlen + 1);
3448 memcpy (format_start, SSDATA (args[0]), formatlen + 1);
3448 bool fmt_props = !!string_intervals (args[0]); 3449 bool fmt_props = !!string_intervals (args[0]);
3449 3450
3450 /* Upper bound on number of format specs. Each uses at least 2 chars. */ 3451 /* Upper bound on number of format specs. Each uses at least 2 chars. */
generated by cgit v1.2.1 (git 2.18.0) at 2026-02-10 23:22:03 +0000