diff options
| author | Paul Eggert | 2011-07-28 18:16:54 -0700 |
|---|---|---|
| committer | Paul Eggert | 2011-07-28 18:16:54 -0700 |
| commit | fe6442b1151a0f4021181e968479459f50df63f1 (patch) | |
| tree | 5c009bab54a101bf8ea6fa1845e53a73e23a6f4e | |
| parent | 5f2ab479cdd2e76862e80e37b9c0825471af8d4c (diff) | |
| download | emacs-fe6442b1151a0f4021181e968479459f50df63f1.tar.gz emacs-fe6442b1151a0f4021181e968479459f50df63f1.zip | |
* sysdep.c: Integer and memory overflow issues.
(system_process_attributes): Use ptrdiff_t, not int, for command
line length. Do not attempt to address one before the beginning
of an array, as that's not portable.
| -rw-r--r-- | src/ChangeLog | 5 | ||||
| -rw-r--r-- | src/sysdep.c | 8 |
2 files changed, 10 insertions, 3 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index 7570b0ba979..d1db5e48daf 100644 --- a/src/ChangeLog +++ b/src/ChangeLog | |||
| @@ -1,5 +1,10 @@ | |||
| 1 | 2011-07-29 Paul Eggert <eggert@cs.ucla.edu> | 1 | 2011-07-29 Paul Eggert <eggert@cs.ucla.edu> |
| 2 | 2 | ||
| 3 | * sysdep.c: Integer and memory overflow issues. | ||
| 4 | (system_process_attributes): Use ptrdiff_t, not int, for command | ||
| 5 | line length. Do not attempt to address one before the beginning | ||
| 6 | of an array, as that's not portable. | ||
| 7 | |||
| 3 | * search.c: Integer and memory overflow fixes. | 8 | * search.c: Integer and memory overflow fixes. |
| 4 | (Freplace_match): Check for size calculation overflow. | 9 | (Freplace_match): Check for size calculation overflow. |
| 5 | (Fset_match_data): Don't assume list lengths fit in 'int'. | 10 | (Fset_match_data): Don't assume list lengths fit in 'int'. |
diff --git a/src/sysdep.c b/src/sysdep.c index 4bd1f54b9e6..57fff94f552 100644 --- a/src/sysdep.c +++ b/src/sysdep.c | |||
| @@ -2640,7 +2640,7 @@ system_process_attributes (Lisp_Object pid) | |||
| 2640 | ssize_t nread; | 2640 | ssize_t nread; |
| 2641 | const char *cmd = NULL; | 2641 | const char *cmd = NULL; |
| 2642 | char *cmdline = NULL; | 2642 | char *cmdline = NULL; |
| 2643 | size_t cmdsize = 0, cmdline_size; | 2643 | ptrdiff_t cmdsize = 0, cmdline_size; |
| 2644 | unsigned char c; | 2644 | unsigned char c; |
| 2645 | int proc_id, ppid, uid, gid, pgrp, sess, tty, tpgid, thcount; | 2645 | int proc_id, ppid, uid, gid, pgrp, sess, tty, tpgid, thcount; |
| 2646 | unsigned long long u_time, s_time, cutime, cstime, start; | 2646 | unsigned long long u_time, s_time, cutime, cstime, start; |
| @@ -2822,8 +2822,10 @@ system_process_attributes (Lisp_Object pid) | |||
| 2822 | if (fd >= 0) | 2822 | if (fd >= 0) |
| 2823 | { | 2823 | { |
| 2824 | char ch; | 2824 | char ch; |
| 2825 | for (cmdline_size = 0; emacs_read (fd, &ch, 1) == 1; cmdline_size++) | 2825 | for (cmdline_size = 0; cmdline_size < STRING_BYTES_BOUND; cmdline_size++) |
| 2826 | { | 2826 | { |
| 2827 | if (emacs_read (fd, &ch, 1) != 1) | ||
| 2828 | break; | ||
| 2827 | c = ch; | 2829 | c = ch; |
| 2828 | if (isspace (c) || c == '\\') | 2830 | if (isspace (c) || c == '\\') |
| 2829 | cmdline_size++; /* for later quoting, see below */ | 2831 | cmdline_size++; /* for later quoting, see below */ |
| @@ -2844,7 +2846,7 @@ system_process_attributes (Lisp_Object pid) | |||
| 2844 | nread = 0; | 2846 | nread = 0; |
| 2845 | } | 2847 | } |
| 2846 | /* We don't want trailing null characters. */ | 2848 | /* We don't want trailing null characters. */ |
| 2847 | for (p = cmdline + nread - 1; p > cmdline && !*p; p--) | 2849 | for (p = cmdline + nread; p > cmdline + 1 && !p[-1]; p--) |
| 2848 | nread--; | 2850 | nread--; |
| 2849 | for (p = cmdline; p < cmdline + nread; p++) | 2851 | for (p = cmdline; p < cmdline + nread; p++) |
| 2850 | { | 2852 | { |