| author | Paul Eggert | 2017-12-09 13:57:38 -0800 |
|---|---|---|
| committer | Paul Eggert | 2017-12-12 15:17:12 -0800 |
| commit | 4295050e1194af13afa26403dd3ebdff80824ae0 (patch) | |
| tree | 354002f3c84f4d8341bb07c5f68529f660a9a405 /src/bytecode.c | |
| parent | 881abfc7fb55db2d00adf352100cc58a6a86c176 (diff) | |
Narrow pointer bounds when appropriate
This typically occurs in a storage manager, where the caller
is expected to access only the newly-allocated object,
instead of using the returned value to access unrelated
parts of the heap.
* src/alloc.c (allocate_string, allocate_string_data)
(compact_small_strings, find_string_data_in_pure)
(sweep_strings, setup_on_free_list, allocate_vectorlike)
(pure_alloc):
* src/bytecode.c (exec_byte_code):
* src/callint.c (Fcall_interactively):
* src/dispnew.c (scrolling):
* src/editfns.c (styled_format):
* src/frame.c (xrdb_get_resource, x_get_resource_string):
* src/fringe.c (Fdefine_fringe_bitmap):
* src/gmalloc.c (malloc, realloc, aligned_alloc):
Narrow pointer bounds when appropriate.
* src/alloc.c (SDATA_OF_STRING):
* src/lisp.h (make_lisp_symbol) [__CHKP__]:
Widen bounds here, though.
* src/bytecode.c, src/callint.c, src/dispnew.c, src/editfns.c:
* src/emacs.c, src/frame.c, src/fringe.c:
Include ptr-bounds.h.
* src/ptr-bounds.h (ptr_bounds_clip): New function.
Diffstat (limited to 'src/bytecode.c')
| -rw-r--r-- | src/bytecode.c | 15 |
1 files changed, 9 insertions, 6 deletions
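--- a/src/bytecode.c
+++ b/src/bytecode.c
@@ -24,6 +24,7 @@ along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>. */
 #include "character.h"
 #include "buffer.h"
 #include "keyboard.h"
+#include "ptr-bounds.h"
 #include "syntax.h"
 #include "window.h"
 
@@ -363,13 +364,15 @@ exec_byte_code (Lisp_Object bytestr, Lisp_Object vector, Lisp_Object maxdepth,
 unsigned char quitcounter = 1;
 EMACS_INT stack_items = XFASTINT (maxdepth) + 1;
 USE_SAFE_ALLOCA;
-Lisp_Object *stack_base;
-SAFE_ALLOCA_LISP_EXTRA (stack_base, stack_items, bytestr_length);
-Lisp_Object *stack_lim = stack_base + stack_items;
+void *alloc;
+SAFE_ALLOCA_LISP_EXTRA (alloc, stack_items, bytestr_length);
+ptrdiff_t item_bytes = stack_items * word_size;
+Lisp_Object *stack_base = ptr_bounds_clip (alloc, item_bytes);
 Lisp_Object *top = stack_base;
-memcpy (stack_lim, SDATA (bytestr), bytestr_length);
-void *void_stack_lim = stack_lim;
-unsigned char const *bytestr_data = void_stack_lim;
+Lisp_Object *stack_lim = stack_base + stack_items;
+unsigned char *bytestr_data = alloc;
+bytestr_data = ptr_bounds_clip (bytestr_data + item_bytes, bytestr_length);
+memcpy (bytestr_data, SDATA (bytestr), bytestr_length);
 unsigned char const *pc = bytestr_data;
 ptrdiff_t count = SPECPDL_INDEX ();
 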
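Review bot: The new `ptrdiff_t item_bytes = stack_items * word_size;` in exec_byte_code multiplies an EMACS_INT derived from `maxdepth` after the allocation has been made, so its safety appears to rest on SAFE_ALLOCA_LISP_EXTRA having already rejected an overflowing size, which this hunk does not show. A comment would make that dependency explicit, for example `/* Cannot overflow: SAFE_ALLOCA_LISP_EXTRA already validated stack_items * word_size + bytestr_length.  */`, to be confirmed against the macro's definition. The layout also deserves a line such as `/* ALLOC holds the operand stack followed by a copy of the bytecode; clip each region so a stack overrun cannot reach the bytecode.  */`. The clipping presumably takes effect only in pointer-bounds-checking builds, so ordinary builds still depend on `maxdepth` being accurate for the bytecode being run. The body of exec_byte_code starts before and continues after this hunk.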