Limit bidi_find_bracket_pairs to MAX_ALLOCA

* src/bidi.c (MAX_BPA_STACK): Now a constant, not a macro. Shrink it to allow for the two struct bidi_it objects in the same frame. (PUSH_BPA_STACK): Avoid integer overflow with enormous bidi cache. (bidi_find_bracket_pairs): Use compile-time check instead of runtime.
author: Paul Eggert 2017-06-21 17:18:30 -0700
committer: Paul Eggert 2017-06-21 17:27:58 -0700
commit: 35caaf713fb3c3e5e826e52b37e1b389c6bd9cce (patch)
tree: 958d4ccfe87ae8bfb3b8537ec251a971a2137fa8 /src
parent: 07a3386fbb4e180f017fab11ea963f4f34493f3c (diff)
download: emacs-35caaf713fb3c3e5e826e52b37e1b389c6bd9cce.tar.gz
emacs-35caaf713fb3c3e5e826e52b37e1b389c6bd9cce.zip
1 files changed, 7 insertions, 7 deletions
diff --git a/src/bidi.c b/src/bidi.c
index dce0bf695f6..e34da778ba0 100644
--- a/src/bidi.c
+++ b/src/bidi.c
@@ -565,9 +565,7 @@ bidi_copy_it (struct bidi_it *to, struct bidi_it *from)
   RTL characters in the offending line of text.  */
 /* Do we need to allow customization of this limit?  */
 #define BIDI_CACHE_MAX_ELTS_PER_SLOT 50000
-#if BIDI_CACHE_CHUNK >= BIDI_CACHE_MAX_ELTS_PER_SLOT
+verify (BIDI_CACHE_CHUNK < BIDI_CACHE_MAX_ELTS_PER_SLOT);
-# error BIDI_CACHE_CHUNK must be less than BIDI_CACHE_MAX_ELTS_PER_SLOT
-#endif
 static ptrdiff_t bidi_cache_max_elts = BIDI_CACHE_MAX_ELTS_PER_SLOT;
 static struct bidi_it *bidi_cache;
 static ptrdiff_t bidi_cache_size = 0;
@@ -2468,9 +2466,11 @@ typedef struct bpa_stack_entry {
  unsigned flags : 2;
 } bpa_stack_entry;
-/* With MAX_ALLOCA of 16KB, this should allow at least 1K slots in the
+/* Allow for the two struct bidi_it objects too, since they can be big.
+   With MAX_ALLOCA of 16 KiB, this should allow at least 900 slots in the
   BPA stack, which should be more than enough for actual bidi text.  */
-#define MAX_BPA_STACK ((int)max (MAX_ALLOCA / sizeof (bpa_stack_entry), 1))
+enum { MAX_BPA_STACK = max (1, ((MAX_ALLOCA - 2 * sizeof (struct bidi_it))
+                                / sizeof (bpa_stack_entry))) };
 /* UAX#9 says to match opening brackets with the matching closing
   brackets or their canonical equivalents.  As of Unicode 8.0, there
@@ -2517,7 +2517,7 @@ typedef struct bpa_stack_entry {
 #define PUSH_BPA_STACK                                                  \
  do {                                                                  \
    int ch;                                                             \
-    if (bpa_sp < MAX_BPA_STACK - 1)                                     \
+    if (bpa_sp < MAX_BPA_STACK - 1 && bidi_cache_last_idx <= INT_MAX)   \
      {                                                                 \
        bpa_sp++;                                                       \
        ch = CANONICAL_EQU (bidi_it->ch);                               \
@@ -2563,7 +2563,7 @@ bidi_find_bracket_pairs (struct bidi_it *bidi_it)
      ptrdiff_t pairing_pos;
      int idx_at_entry = bidi_cache_idx;
-      eassert (MAX_BPA_STACK >= 100);
+      verify (MAX_BPA_STACK >= 100);
      bidi_copy_it (&saved_it, bidi_it);
      /* bidi_cache_iterator_state refuses to cache on backward scans,
         and bidi_cache_fetch_state doesn't bring scan_dir from the
author	Paul Eggert	2017-06-21 17:18:30 -0700
committer	Paul Eggert	2017-06-21 17:27:58 -0700
commit	35caaf713fb3c3e5e826e52b37e1b389c6bd9cce (patch)
tree	958d4ccfe87ae8bfb3b8537ec251a971a2137fa8 /src
parent	07a3386fbb4e180f017fab11ea963f4f34493f3c (diff)
download	emacs-35caaf713fb3c3e5e826e52b37e1b389c6bd9cce.tar.gz emacs-35caaf713fb3c3e5e826e52b37e1b389c6bd9cce.zip