Merge from trunk.

author: Paul Eggert 2011-09-04 16:58:01 -0700
committer: Paul Eggert 2011-09-04 16:58:01 -0700
commit: 1c262cae409ec55a234c89b3b74a13a77c7f595a (patch)
tree: 2780610d6227a3b1f64aa9398f21501ce3de774e /lib-src/ChangeLog
parent: 7f59d9c856de33b97bc3f2708dcc8dadf24ee040 (diff)
parent: 052bd38a56ad14a7f311677051e778de6c4bdc1c (diff)
download: emacs-1c262cae409ec55a234c89b3b74a13a77c7f595a.tar.gz
emacs-1c262cae409ec55a234c89b3b74a13a77c7f595a.zip
1 files changed, 36 insertions, 1 deletions
diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog
index 00876d2a044..42073641cb9 100644
--- a/lib-src/ChangeLog
+++ b/lib-src/ChangeLog
@@ -1,8 +1,43 @@
-2011-07-28  Paul Eggert  <eggert@cs.ucla.edu>
+2011-09-04  Paul Eggert  <eggert@cs.ucla.edu>
        * Makefile.in ($(DESTDIR)${archlibdir}): install-sh moved
        to build-aux (Bug#9169).
+2011-09-04  Paul Eggert  <eggert@cs.ucla.edu>
+        Integer and memory overflow issues (Bug#9397).
+        * emacsclient.c (xmalloc): Accept size_t, not unsigned int, to
+        avoid potential buffer overflow issues on typical 64-bit hosts.
+        Return void *, not long *.
+        (get_current_dir_name): Report a failure, instead of looping
+        forever, if buffer size calculation overflows.  Treat malloc
+        failures like realloc failures, as that has better behavior and is
+        more consistent.  Do not check whether xmalloc returns NULL, as
+        that's not possible.
+        (message): Do not arbitrarily truncate message to 2048 bytes when
+        sending it to stderr; use vfprintf instead.
+        (get_server_config, set_local_socket)
+        (start_daemon_and_retry_set_socket): Do not alloca
+        arbitrarily-large buffers; that's not safe.
+        (get_server_config, set_local_socket): Do not use sprintf when its
+        result might not fit in 'int'.
+        (set_local_socket): Do not assume uid fits in 'int'.
+        * etags.c (xmalloc, xrealloc): Accept size_t, not unsigned int,
+        to avoid potential buffer overflow issues on typical 64-bit hosts.
+        (whatlen_max): New static var.
+        (main): Avoid buffer overflow if subsidiary command length is
+        greater than BUFSIZ or 2*BUFSIZ + 20. Do not use sprintf when its
+        result might not fit in 'int'.
+        * movemail.c (main): Do not use sprintf when its result might not fit
+        in 'int'.  Instead, put the possibly-long file name into the
+        output of pfatal_with_name.
+        * update-game-score.c: Include <limits.h>
+        (get_user_id): Do not assume uid fits in 'int'.  Simplify.
 2011-07-28  Paul Eggert  <eggert@cs.ucla.edu>
        Assume freestanding C89 headers, string.h, stdlib.h.
author	Paul Eggert	2011-09-04 16:58:01 -0700
committer	Paul Eggert	2011-09-04 16:58:01 -0700
commit	1c262cae409ec55a234c89b3b74a13a77c7f595a (patch)
tree	2780610d6227a3b1f64aa9398f21501ce3de774e /lib-src/ChangeLog
parent	7f59d9c856de33b97bc3f2708dcc8dadf24ee040 (diff)
parent	052bd38a56ad14a7f311677051e778de6c4bdc1c (diff)
download	emacs-1c262cae409ec55a234c89b3b74a13a77c7f595a.tar.gz emacs-1c262cae409ec55a234c89b3b74a13a77c7f595a.zip

diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog index 00876d2a044..42073641cb9 100644 --- a/lib-src/ChangeLog +++ b/lib-src/ChangeLog
@@ -1,8 +1,43 @@
1	2011-07-28 Paul Eggert <eggert@cs.ucla.edu>	1	2011-09-04 Paul Eggert <eggert@cs.ucla.edu>
2		2
3	* Makefile.in ($(DESTDIR)${archlibdir}): install-sh moved	3	* Makefile.in ($(DESTDIR)${archlibdir}): install-sh moved
4	to build-aux (Bug#9169).	4	to build-aux (Bug#9169).
5		5
		6	2011-09-04 Paul Eggert <eggert@cs.ucla.edu>
		7
		8	Integer and memory overflow issues (Bug#9397).
		9
		10	* emacsclient.c (xmalloc): Accept size_t, not unsigned int, to
		11	avoid potential buffer overflow issues on typical 64-bit hosts.
		12	Return void , not long .
		13	(get_current_dir_name): Report a failure, instead of looping
		14	forever, if buffer size calculation overflows. Treat malloc
		15	failures like realloc failures, as that has better behavior and is
		16	more consistent. Do not check whether xmalloc returns NULL, as
		17	that's not possible.
		18	(message): Do not arbitrarily truncate message to 2048 bytes when
		19	sending it to stderr; use vfprintf instead.
		20	(get_server_config, set_local_socket)
		21	(start_daemon_and_retry_set_socket): Do not alloca
		22	arbitrarily-large buffers; that's not safe.
		23	(get_server_config, set_local_socket): Do not use sprintf when its
		24	result might not fit in 'int'.
		25	(set_local_socket): Do not assume uid fits in 'int'.
		26
		27	* etags.c (xmalloc, xrealloc): Accept size_t, not unsigned int,
		28	to avoid potential buffer overflow issues on typical 64-bit hosts.
		29	(whatlen_max): New static var.
		30	(main): Avoid buffer overflow if subsidiary command length is
		31	greater than BUFSIZ or 2*BUFSIZ + 20. Do not use sprintf when its
		32	result might not fit in 'int'.
		33
		34	* movemail.c (main): Do not use sprintf when its result might not fit
		35	in 'int'. Instead, put the possibly-long file name into the
		36	output of pfatal_with_name.
		37
		38	* update-game-score.c: Include <limits.h>
		39	(get_user_id): Do not assume uid fits in 'int'. Simplify.
		40
6	2011-07-28 Paul Eggert <eggert@cs.ucla.edu>	41	2011-07-28 Paul Eggert <eggert@cs.ucla.edu>
7		42
8	Assume freestanding C89 headers, string.h, stdlib.h.	43	Assume freestanding C89 headers, string.h, stdlib.h.