diff options
| author | Chong Yidong | 2010-02-28 09:19:31 -0500 |
|---|---|---|
| committer | Chong Yidong | 2010-02-28 09:19:31 -0500 |
| commit | 412c01b6f0ab2661d5161062eb1d988482ae0d7d (patch) | |
| tree | eaf028b6f316d71a5659f9ed447a23c82ff365c0 /src | |
| parent | 00cffdeb90bc80bf9d5cd73e350083573780f742 (diff) | |
| download | emacs-412c01b6f0ab2661d5161062eb1d988482ae0d7d.tar.gz emacs-412c01b6f0ab2661d5161062eb1d988482ae0d7d.zip | |
Fix use of unitialized memory.
* charset.c (load_charset_map_from_file)
(load_charset_map_from_vector): Zero out allocated
charset_map_entries before using them.
Diffstat (limited to 'src')
| -rw-r--r-- | src/ChangeLog | 6 | ||||
| -rw-r--r-- | src/charset.c | 4 |
2 files changed, 10 insertions, 0 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index 6cafe2f60a5..f0a620b7b99 100644 --- a/src/ChangeLog +++ b/src/ChangeLog | |||
| @@ -1,3 +1,9 @@ | |||
| 1 | 2010-02-28 Chong Yidong <cyd@stupidchicken.com> | ||
| 2 | |||
| 3 | * charset.c (load_charset_map_from_file) | ||
| 4 | (load_charset_map_from_vector): Zero out allocated | ||
| 5 | charset_map_entries before using them. | ||
| 6 | |||
| 1 | 2010-02-27 Andreas Schwab <schwab@linux-m68k.org> | 7 | 2010-02-27 Andreas Schwab <schwab@linux-m68k.org> |
| 2 | 8 | ||
| 3 | * w32uniscribe.c (uniscribe_check_otf): Fix length check. | 9 | * w32uniscribe.c (uniscribe_check_otf): Fix length check. |
diff --git a/src/charset.c b/src/charset.c index 1db9ec17ae7..125c9131687 100644 --- a/src/charset.c +++ b/src/charset.c | |||
| @@ -531,6 +531,7 @@ load_charset_map_from_file (charset, mapfile, control_flag) | |||
| 531 | SAFE_ALLOCA (head, struct charset_map_entries *, | 531 | SAFE_ALLOCA (head, struct charset_map_entries *, |
| 532 | sizeof (struct charset_map_entries)); | 532 | sizeof (struct charset_map_entries)); |
| 533 | entries = head; | 533 | entries = head; |
| 534 | bzero (entries, sizeof (struct charset_map_entries)); | ||
| 534 | 535 | ||
| 535 | n_entries = 0; | 536 | n_entries = 0; |
| 536 | eof = 0; | 537 | eof = 0; |
| @@ -557,6 +558,7 @@ load_charset_map_from_file (charset, mapfile, control_flag) | |||
| 557 | SAFE_ALLOCA (entries->next, struct charset_map_entries *, | 558 | SAFE_ALLOCA (entries->next, struct charset_map_entries *, |
| 558 | sizeof (struct charset_map_entries)); | 559 | sizeof (struct charset_map_entries)); |
| 559 | entries = entries->next; | 560 | entries = entries->next; |
| 561 | bzero (entries, sizeof (struct charset_map_entries)); | ||
| 560 | } | 562 | } |
| 561 | idx = n_entries % 0x10000; | 563 | idx = n_entries % 0x10000; |
| 562 | entries->entry[idx].from = from; | 564 | entries->entry[idx].from = from; |
| @@ -596,6 +598,7 @@ load_charset_map_from_vector (charset, vec, control_flag) | |||
| 596 | SAFE_ALLOCA (head, struct charset_map_entries *, | 598 | SAFE_ALLOCA (head, struct charset_map_entries *, |
| 597 | sizeof (struct charset_map_entries)); | 599 | sizeof (struct charset_map_entries)); |
| 598 | entries = head; | 600 | entries = head; |
| 601 | bzero (entries, sizeof (struct charset_map_entries)); | ||
| 599 | 602 | ||
| 600 | n_entries = 0; | 603 | n_entries = 0; |
| 601 | for (i = 0; i < len; i += 2) | 604 | for (i = 0; i < len; i += 2) |
| @@ -632,6 +635,7 @@ load_charset_map_from_vector (charset, vec, control_flag) | |||
| 632 | SAFE_ALLOCA (entries->next, struct charset_map_entries *, | 635 | SAFE_ALLOCA (entries->next, struct charset_map_entries *, |
| 633 | sizeof (struct charset_map_entries)); | 636 | sizeof (struct charset_map_entries)); |
| 634 | entries = entries->next; | 637 | entries = entries->next; |
| 638 | bzero (entries, sizeof (struct charset_map_entries)); | ||
| 635 | } | 639 | } |
| 636 | idx = n_entries % 0x10000; | 640 | idx = n_entries % 0x10000; |
| 637 | entries->entry[idx].from = from; | 641 | entries->entry[idx].from = from; |