diff options
| author | Paul Eggert | 2017-12-09 13:57:38 -0800 |
|---|---|---|
| committer | Paul Eggert | 2017-12-12 15:17:12 -0800 |
| commit | 4295050e1194af13afa26403dd3ebdff80824ae0 (patch) | |
| tree | 354002f3c84f4d8341bb07c5f68529f660a9a405 /src/frame.c | |
| parent | 881abfc7fb55db2d00adf352100cc58a6a86c176 (diff) | |
| download | emacs-4295050e1194af13afa26403dd3ebdff80824ae0.tar.gz emacs-4295050e1194af13afa26403dd3ebdff80824ae0.zip | |
Narrow pointer bounds when appropriate
This typically occurs in a storage manager, where the caller
is expected to access only the newly-allocated object,
instead of using the returned value to access unrelated
parts of the heap.
* src/alloc.c (allocate_string, allocate_string_data)
(compact_small_strings, find_string_data_in_pure)
(sweep_strings, setup_on_free_list, allocate_vectorlike
(pure_alloc):
* src/bytecode.c (exec_byte_code):
* src/callint.c (Fcall_interactively):
* src/dispnew.c (scrolling):
* src/editfns.c (styled_format):
* src/frame.c (xrdb_get_resource, x_get_resource_string):
* src/fringe.c (Fdefine_fringe_bitmap):
* src/gmalloc.c (malloc, realloc, aligned_alloc):
Narrow pointer bounds when appropriate.
* src/alloc.c (SDATA_OF_STRING):
* src/lisp.h (make_lisp_symbol) [__CHKP__]:
Widen bounds here, though.
* src/bytecode.c, src/callint.c, src/dispnew.c, src/editfns.c:
* src/emacs.c, src/frame.c, src/fringe.c:
Include ptr-bounds.h.
* src/ptr-bounds.h (ptr_bounds_clip): New function.
Diffstat (limited to 'src/frame.c')
| -rw-r--r-- | src/frame.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/frame.c b/src/frame.c index 5bafbeddcce..94ec9fbdc7d 100644 --- a/src/frame.c +++ b/src/frame.c | |||
| @@ -35,6 +35,7 @@ along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>. */ | |||
| 35 | #include "buffer.h" | 35 | #include "buffer.h" |
| 36 | /* These help us bind and responding to switch-frame events. */ | 36 | /* These help us bind and responding to switch-frame events. */ |
| 37 | #include "keyboard.h" | 37 | #include "keyboard.h" |
| 38 | #include "ptr-bounds.h" | ||
| 38 | #include "frame.h" | 39 | #include "frame.h" |
| 39 | #include "blockinput.h" | 40 | #include "blockinput.h" |
| 40 | #include "termchar.h" | 41 | #include "termchar.h" |
| @@ -4812,6 +4813,8 @@ xrdb_get_resource (XrmDatabase rdb, Lisp_Object attribute, Lisp_Object class, Li | |||
| 4812 | USE_SAFE_ALLOCA; | 4813 | USE_SAFE_ALLOCA; |
| 4813 | char *name_key = SAFE_ALLOCA (name_keysize + class_keysize); | 4814 | char *name_key = SAFE_ALLOCA (name_keysize + class_keysize); |
| 4814 | char *class_key = name_key + name_keysize; | 4815 | char *class_key = name_key + name_keysize; |
| 4816 | name_key = ptr_bounds_clip (name_key, name_keysize); | ||
| 4817 | class_key = ptr_bounds_clip (class_key, class_keysize); | ||
| 4815 | 4818 | ||
| 4816 | /* Start with emacs.FRAMENAME for the name (the specific one) | 4819 | /* Start with emacs.FRAMENAME for the name (the specific one) |
| 4817 | and with `Emacs' for the class key (the general one). */ | 4820 | and with `Emacs' for the class key (the general one). */ |
| @@ -4890,6 +4893,8 @@ x_get_resource_string (const char *attribute, const char *class) | |||
| 4890 | ptrdiff_t class_keysize = sizeof (EMACS_CLASS) - 1 + strlen (class) + 2; | 4893 | ptrdiff_t class_keysize = sizeof (EMACS_CLASS) - 1 + strlen (class) + 2; |
| 4891 | char *name_key = SAFE_ALLOCA (name_keysize + class_keysize); | 4894 | char *name_key = SAFE_ALLOCA (name_keysize + class_keysize); |
| 4892 | char *class_key = name_key + name_keysize; | 4895 | char *class_key = name_key + name_keysize; |
| 4896 | name_key = ptr_bounds_clip (name_key, name_keysize); | ||
| 4897 | class_key = ptr_bounds_clip (class_key, class_keysize); | ||
| 4893 | 4898 | ||
| 4894 | esprintf (name_key, "%s.%s", SSDATA (Vinvocation_name), attribute); | 4899 | esprintf (name_key, "%s.%s", SSDATA (Vinvocation_name), attribute); |
| 4895 | sprintf (class_key, "%s.%s", EMACS_CLASS, class); | 4900 | sprintf (class_key, "%s.%s", EMACS_CLASS, class); |