diff options
| author | Paul Eggert | 2011-09-05 13:43:14 -0700 |
|---|---|---|
| committer | Paul Eggert | 2011-09-05 13:43:14 -0700 |
| commit | 1dc4aa6d975c9f92cd5c0d0baf5eae89e013fd67 (patch) | |
| tree | 8c3e07779650c446922a93839c3ecdabb85cdaea /src/ChangeLog | |
| parent | f4af5137d41b5ff71771028385f89be889dd1315 (diff) | |
| parent | 697210c4822d4e7be9a81234d2026e5ace724a90 (diff) | |
| download | emacs-1dc4aa6d975c9f92cd5c0d0baf5eae89e013fd67.tar.gz emacs-1dc4aa6d975c9f92cd5c0d0baf5eae89e013fd67.zip | |
Merge from trunk.
Diffstat (limited to 'src/ChangeLog')
| -rw-r--r-- | src/ChangeLog | 154 |
1 files changed, 153 insertions, 1 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index a3c850e3b7f..88065dd3231 100644 --- a/src/ChangeLog +++ b/src/ChangeLog | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | 2011-09-03 Paul Eggert <eggert@cs.ucla.edu> | 1 | 2011-09-05 Paul Eggert <eggert@cs.ucla.edu> |
| 2 | 2 | ||
| 3 | * fileio.c: Fix bugs with large file offsets (Bug#9428). | 3 | * fileio.c: Fix bugs with large file offsets (Bug#9428). |
| 4 | The previous code assumed that file offsets (off_t values) fit in | 4 | The previous code assumed that file offsets (off_t values) fit in |
| @@ -17,6 +17,158 @@ | |||
| 17 | (Fwrite_region): Don't assume off_t fits into 'long'. | 17 | (Fwrite_region): Don't assume off_t fits into 'long'. |
| 18 | * buffer.h (struct buffer.modtime_size): Now off_t, not EMACS_INT. | 18 | * buffer.h (struct buffer.modtime_size): Now off_t, not EMACS_INT. |
| 19 | 19 | ||
| 20 | 2011-09-05 Michael Albinus <michael.albinus@gmx.de> | ||
| 21 | |||
| 22 | * dbusbind.c (xd_signature_cat): Rename from signature_cat. | ||
| 23 | |||
| 24 | 2011-09-04 Paul Eggert <eggert@cs.ucla.edu> | ||
| 25 | |||
| 26 | sprintf-related integer and memory overflow issues (Bug#9412). | ||
| 27 | |||
| 28 | * doprnt.c (doprnt): Support printing ptrdiff_t and intmax_t values. | ||
| 29 | (esprintf, exprintf, evxprintf): New functions. | ||
| 30 | * keyboard.c (command_loop_level): Now EMACS_INT, not int. | ||
| 31 | (cmd_error): kbd macro iterations count is now EMACS_INT, not int. | ||
| 32 | (modify_event_symbol): Do not assume that the length of | ||
| 33 | name_alist_or_stem is safe to alloca and fits in int. | ||
| 34 | (Fexecute_extended_command): Likewise for function name and binding. | ||
| 35 | (Frecursion_depth): Wrap around reliably on integer overflow. | ||
| 36 | * keymap.c (push_key_description): First arg is now EMACS_INT, not int, | ||
| 37 | since some callers pass EMACS_INT values. | ||
| 38 | (Fsingle_key_description): Don't crash if symbol name contains more | ||
| 39 | than MAX_ALLOCA bytes. | ||
| 40 | * minibuf.c (minibuf_level): Now EMACS_INT, not int. | ||
| 41 | (get_minibuffer): Arg is now EMACS_INT, not int. | ||
| 42 | * lisp.h (get_minibuffer, push_key_description): Reflect API changes. | ||
| 43 | (esprintf, exprintf, evxprintf): New decls. | ||
| 44 | * window.h (command_loop_level, minibuf_level): Reflect API changes. | ||
| 45 | |||
| 46 | * dbusbind.c (signature_cat): New function. | ||
| 47 | (xd_signature, Fdbus_register_signal): | ||
| 48 | Do not overrun buffer; instead, report string overflow. | ||
| 49 | |||
| 50 | * dispnew.c (add_window_display_history): Don't overrun buffer. | ||
| 51 | Truncate instead; this is OK since it's just a log. | ||
| 52 | |||
| 53 | * editfns.c (Fcurrent_time_zone): Don't overrun buffer | ||
| 54 | even if the time zone offset is outlandishly large. | ||
| 55 | Don't mishandle offset == INT_MIN. | ||
| 56 | |||
| 57 | * emacs.c (main) [NS_IMPL_COCOA]: Don't overrun buffer | ||
| 58 | when creating daemon; the previous buffer-overflow check was incorrect. | ||
| 59 | |||
| 60 | * eval.c (verror): Simplify by rewriting in terms of evxprintf, | ||
| 61 | which has the guts of the old verror function. | ||
| 62 | |||
| 63 | * filelock.c (lock_file_1, lock_file): Don't blindly alloca long name; | ||
| 64 | use SAFE_ALLOCA instead. Use esprintf to avoid int-overflow issues. | ||
| 65 | |||
| 66 | * font.c: Include <float.h>, for DBL_MAX_10_EXP. | ||
| 67 | (font_unparse_xlfd): Don't blindly alloca long strings. | ||
| 68 | Don't assume XINT result fits in int, or that XFLOAT_DATA * 10 | ||
| 69 | fits in int, when using sprintf. Use single snprintf to count | ||
| 70 | length of string rather than counting it via multiple sprintfs; | ||
| 71 | that's simpler and more reliable. | ||
| 72 | (font_unparse_fcname): Use it to avoid sprintf buffer overrun. | ||
| 73 | (generate_otf_features) [0 && HAVE_LIBOTF]: Use esprintf, not | ||
| 74 | sprintf, in case result does not fit in int. | ||
| 75 | |||
| 76 | * fontset.c (num_auto_fontsets): Now printmax_t, not int. | ||
| 77 | (fontset_from_font): Print it. | ||
| 78 | |||
| 79 | * frame.c (tty_frame_count): Now printmax_t, not int. | ||
| 80 | (make_terminal_frame, set_term_frame_name): Print it. | ||
| 81 | (x_report_frame_params): In X, window IDs are unsigned long, | ||
| 82 | not signed long, so print them as unsigned. | ||
| 83 | (validate_x_resource_name): Check for implausibly long names, | ||
| 84 | and don't assume name length fits in 'int'. | ||
| 85 | (x_get_resource_string): Don't blindly alloca invocation name; | ||
| 86 | use SAFE_ALLOCA. Use esprintf, not sprintf, in case result does | ||
| 87 | not fit in int. | ||
| 88 | |||
| 89 | * gtkutil.c: Include <float.h>, for DBL_MAX_10_EXP. | ||
| 90 | (xg_check_special_colors, xg_set_geometry): | ||
| 91 | Make sprintf buffers a bit bigger, to avoid potential buffer overrun. | ||
| 92 | |||
| 93 | * lread.c (dir_warning): Don't blindly alloca buffer; use SAFE_ALLOCA. | ||
| 94 | Use esprintf, not sprintf, in case result does not fit in int. | ||
| 95 | |||
| 96 | * macros.c (executing_kbd_macro_iterations): Now EMACS_INT, not int. | ||
| 97 | (Fend_kbd_macro): Don't mishandle MOST_NEGATIVE_FIXNUM by treating | ||
| 98 | it as a large positive number. | ||
| 99 | (Fexecute_kbd_macro): Don't assume repeat count fits in int. | ||
| 100 | * macros.h (executing_kbd_macro_iterations): Now EMACS_INT, not int. | ||
| 101 | |||
| 102 | * nsterm.m ((NSSize)windowWillResize): Use esprintf, not sprintf, | ||
| 103 | in case result does not fit in int. | ||
| 104 | |||
| 105 | * print.c (float_to_string): Detect width overflow more reliably. | ||
| 106 | (print_object): Make sprintf buffer a bit bigger, to avoid potential | ||
| 107 | buffer overrun. Don't assume list length fits in 'int'. Treat | ||
| 108 | print length of 0 as 0, not as infinity; to be consistent with other | ||
| 109 | uses of print length in this function. Don't overflow print length | ||
| 110 | index. Don't assume hash table size fits in 'long', or that | ||
| 111 | vectorlike size fits in 'unsigned long'. | ||
| 112 | |||
| 113 | * process.c (make_process): Use printmax_t, not int, to format | ||
| 114 | process-name gensyms. | ||
| 115 | |||
| 116 | * sysdep.c (snprintf) [! HAVE_SNPRINTF]: New function. | ||
| 117 | |||
| 118 | * term.c (produce_glyphless_glyph): Make sprintf buffer a bit bigger | ||
| 119 | to avoid potential buffer overrun. | ||
| 120 | |||
| 121 | * xfaces.c (x_update_menu_appearance): Don't overrun buffer | ||
| 122 | if X resource line is longer than 512 bytes. | ||
| 123 | |||
| 124 | * xfns.c (x_window): Make sprintf buffer a bit bigger | ||
| 125 | to avoid potential buffer overrun. | ||
| 126 | |||
| 127 | * xterm.c (x_io_error_quitter): Don't overrun sprintf buffer. | ||
| 128 | |||
| 129 | * xterm.h (x_check_errors): Add ATTRIBUTE_FORMAT_PRINTF. | ||
| 130 | |||
| 131 | 2011-09-04 Paul Eggert <eggert@cs.ucla.edu> | ||
| 132 | |||
| 133 | Integer overflow fixes for scrolling, etc. | ||
| 134 | Without these, Emacs silently mishandles large integers sometimes. | ||
| 135 | For example, "C-u 4294967297 M-x recenter" was treated as if | ||
| 136 | it were "C-u 1 M-x recenter" on a typical 64-bit host. | ||
| 137 | |||
| 138 | * xdisp.c (try_window_id): Check Emacs fixnum range before | ||
| 139 | converting to 'int'. | ||
| 140 | |||
| 141 | * window.c (window_scroll_line_based, Frecenter): | ||
| 142 | Check that an Emacs fixnum is in range before assigning it to 'int'. | ||
| 143 | (Frecenter, Fmove_to_window_line): Use EMACS_INT, not int, for | ||
| 144 | values converted from Emacs fixnums. | ||
| 145 | (Frecenter): Don't wrap around a line count if it is out of 'int' | ||
| 146 | range; instead, treat it as an extreme value. | ||
| 147 | (Fset_window_configuration, compare_window_configurations): | ||
| 148 | Use ptrdiff_t, not int, for index that might exceed 2 GiB. | ||
| 149 | |||
| 150 | * search.c (Freplace_match): Use ptrdiff_t, not int, for indexes | ||
| 151 | that can exceed INT_MAX. Check that EMACS_INT value is in range | ||
| 152 | before assigning it to the (possibly-narrower) index. | ||
| 153 | (match_limit): Don't assume that a fixnum can fit in 'int'. | ||
| 154 | |||
| 155 | * print.c (print_object): Use ptrdiff_t, not int, for index that can | ||
| 156 | exceed INT_MAX. | ||
| 157 | |||
| 158 | * indent.c (position_indentation): Now takes ptrdiff_t, not int. | ||
| 159 | (Fvertical_motion): Don't wrap around LINES values that don't fit | ||
| 160 | in 'int'. Instead, treat them as extreme values. This is good | ||
| 161 | enough for windows, which can't have more than INT_MAX lines anyway. | ||
| 162 | |||
| 163 | 2011-09-03 Lars Magne Ingebrigtsen <larsi@gnus.org> | ||
| 164 | |||
| 165 | * Require libxml/parser.h to avoid compilation warning. | ||
| 166 | |||
| 167 | * emacs.c (shut_down_emacs): Call xmlCleanupParser on shutdown. | ||
| 168 | |||
| 169 | * xml.c (parse_region): Don't call xmlCleanupParser after parsing, | ||
| 170 | since this reportedly can destroy thread storage. | ||
| 171 | |||
| 20 | 2011-08-30 Chong Yidong <cyd@stupidchicken.com> | 172 | 2011-08-30 Chong Yidong <cyd@stupidchicken.com> |
| 21 | 173 | ||
| 22 | * syntax.c (find_defun_start): Update all cache variables if | 174 | * syntax.c (find_defun_start): Update all cache variables if |