Improve buffer-overflow checking.

* fileio.c (Finsert_file_contents): * insdel.c (insert_from_buffer_1, replace_range, replace_range_2): Remove the old (too-loose) buffer overflow checks. They weren't needed, since make_gap checks for buffer overflow. * insdel.c (make_gap_larger): Catch buffer overflows that were missed. The old code merely checked for Emacs fixnum overflow, and relied on undefined (wraparound) behavior. The new code avoids undefined behavior, and also checks for ptrdiff_t and/or size_t overflow.
author: Paul Eggert 2011-06-16 14:18:12 -0700
committer: Paul Eggert 2011-06-16 14:18:12 -0700
commit: 1c8e352f7e4291ab523996e7c5feaedfe0f4b350 (patch)
tree: 3adb22fb15a891521047080018b22e454ba5c471 /src/ChangeLog
parent: 21d890a4ecf97141f3c3f7e373bca6d083662a83 (diff)
download: emacs-1c8e352f7e4291ab523996e7c5feaedfe0f4b350.tar.gz
emacs-1c8e352f7e4291ab523996e7c5feaedfe0f4b350.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index 011f5beefe0..5f18c8d0062 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,15 @@
 2011-06-16  Paul Eggert  <eggert@cs.ucla.edu>
+        Improve buffer-overflow checking.
+        * fileio.c (Finsert_file_contents):
+        * insdel.c (insert_from_buffer_1, replace_range, replace_range_2):
+        Remove the old (too-loose) buffer overflow checks.
+        They weren't needed, since make_gap checks for buffer overflow.
+        * insdel.c (make_gap_larger): Catch buffer overflows that were missed.
+        The old code merely checked for Emacs fixnum overflow, and relied
+        on undefined (wraparound) behavior.  The new code avoids undefined
+        behavior, and also checks for ptrdiff_t and/or size_t overflow.
        * editfns.c (Finsert_char): Don't dump core with very negative counts.
        Tune.  Don't use wider integers than needed.  Don't use alloca.
        Use a bigger 'string' buffer.  Rewrite to avoid 'n > 0' test.
author	Paul Eggert	2011-06-16 14:18:12 -0700
committer	Paul Eggert	2011-06-16 14:18:12 -0700
commit	1c8e352f7e4291ab523996e7c5feaedfe0f4b350 (patch)
tree	3adb22fb15a891521047080018b22e454ba5c471 /src/ChangeLog
parent	21d890a4ecf97141f3c3f7e373bca6d083662a83 (diff)
download	emacs-1c8e352f7e4291ab523996e7c5feaedfe0f4b350.tar.gz emacs-1c8e352f7e4291ab523996e7c5feaedfe0f4b350.zip

diff --git a/src/ChangeLog b/src/ChangeLog index 011f5beefe0..5f18c8d0062 100644 --- a/src/ChangeLog +++ b/src/ChangeLog
@@ -1,5 +1,15 @@
1	2011-06-16 Paul Eggert <eggert@cs.ucla.edu>	1	2011-06-16 Paul Eggert <eggert@cs.ucla.edu>
2		2
		3	Improve buffer-overflow checking.
		4	* fileio.c (Finsert_file_contents):
		5	* insdel.c (insert_from_buffer_1, replace_range, replace_range_2):
		6	Remove the old (too-loose) buffer overflow checks.
		7	They weren't needed, since make_gap checks for buffer overflow.
		8	* insdel.c (make_gap_larger): Catch buffer overflows that were missed.
		9	The old code merely checked for Emacs fixnum overflow, and relied
		10	on undefined (wraparound) behavior. The new code avoids undefined
		11	behavior, and also checks for ptrdiff_t and/or size_t overflow.
		12
3	* editfns.c (Finsert_char): Don't dump core with very negative counts.	13	* editfns.c (Finsert_char): Don't dump core with very negative counts.
4	Tune. Don't use wider integers than needed. Don't use alloca.	14	Tune. Don't use wider integers than needed. Don't use alloca.
5	Use a bigger 'string' buffer. Rewrite to avoid 'n > 0' test.	15	Use a bigger 'string' buffer. Rewrite to avoid 'n > 0' test.