diff options
| author | Paul Eggert | 2011-08-29 11:52:26 -0700 |
|---|---|---|
| committer | Paul Eggert | 2011-08-29 11:52:26 -0700 |
| commit | 8a4014344e961833b940a36887bdeee4935f88bd (patch) | |
| tree | 27f89a00215d1c60ca0228964008299516472490 /src | |
| parent | c57b67fcf07e10378fbb11cf8c6aecded43d1736 (diff) | |
| download | emacs-8a4014344e961833b940a36887bdeee4935f88bd.tar.gz emacs-8a4014344e961833b940a36887bdeee4935f88bd.zip | |
* frame.c (tty_frame_count): Now printmax_t, not int.
(make_terminal_frame, set_term_frame_name): Print it.
(x_report_frame_params): In X, window IDs are unsigned long,
not signed long, so print them as unsigned.
(validate_x_resource_name): Check for implausibly long names,
and don't assume name length fits in 'int'.
(x_get_resource_string): Don't blindly alloca invocation name;
use SAFE_ALLOCA. Use esprintf, not sprintf, in case result does
not fit in int.
Diffstat (limited to 'src')
| -rw-r--r-- | src/ChangeLog | 10 | ||||
| -rw-r--r-- | src/frame.c | 46 |
2 files changed, 38 insertions, 18 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index a1af6127635..91bcaebb7bb 100644 --- a/src/ChangeLog +++ b/src/ChangeLog | |||
| @@ -52,6 +52,16 @@ | |||
| 52 | * fontset.c (num_auto_fontsets): Now printmax_t, not int. | 52 | * fontset.c (num_auto_fontsets): Now printmax_t, not int. |
| 53 | (fontset_from_font): Print it. | 53 | (fontset_from_font): Print it. |
| 54 | 54 | ||
| 55 | * frame.c (tty_frame_count): Now printmax_t, not int. | ||
| 56 | (make_terminal_frame, set_term_frame_name): Print it. | ||
| 57 | (x_report_frame_params): In X, window IDs are unsigned long, | ||
| 58 | not signed long, so print them as unsigned. | ||
| 59 | (validate_x_resource_name): Check for implausibly long names, | ||
| 60 | and don't assume name length fits in 'int'. | ||
| 61 | (x_get_resource_string): Don't blindly alloca invocation name; | ||
| 62 | use SAFE_ALLOCA. Use esprintf, not sprintf, in case result does | ||
| 63 | not fit in int. | ||
| 64 | |||
| 55 | 2011-08-26 Paul Eggert <eggert@cs.ucla.edu> | 65 | 2011-08-26 Paul Eggert <eggert@cs.ucla.edu> |
| 56 | 66 | ||
| 57 | Integer and memory overflow issues (Bug#9196). | 67 | Integer and memory overflow issues (Bug#9196). |
diff --git a/src/frame.c b/src/frame.c index 711109a70c6..66b857a73e9 100644 --- a/src/frame.c +++ b/src/frame.c | |||
| @@ -497,7 +497,7 @@ make_minibuffer_frame (void) | |||
| 497 | 497 | ||
| 498 | /* Construct a frame that refers to a terminal. */ | 498 | /* Construct a frame that refers to a terminal. */ |
| 499 | 499 | ||
| 500 | static int tty_frame_count; | 500 | static printmax_t tty_frame_count; |
| 501 | 501 | ||
| 502 | struct frame * | 502 | struct frame * |
| 503 | make_initial_frame (void) | 503 | make_initial_frame (void) |
| @@ -551,7 +551,7 @@ make_terminal_frame (struct terminal *terminal) | |||
| 551 | { | 551 | { |
| 552 | register struct frame *f; | 552 | register struct frame *f; |
| 553 | Lisp_Object frame; | 553 | Lisp_Object frame; |
| 554 | char name[20]; | 554 | char name[sizeof "F" + INT_STRLEN_BOUND (printmax_t)]; |
| 555 | 555 | ||
| 556 | if (!terminal->name) | 556 | if (!terminal->name) |
| 557 | error ("Terminal is not live, can't create new frames on it"); | 557 | error ("Terminal is not live, can't create new frames on it"); |
| @@ -562,7 +562,7 @@ make_terminal_frame (struct terminal *terminal) | |||
| 562 | Vframe_list = Fcons (frame, Vframe_list); | 562 | Vframe_list = Fcons (frame, Vframe_list); |
| 563 | 563 | ||
| 564 | tty_frame_count++; | 564 | tty_frame_count++; |
| 565 | sprintf (name, "F%d", tty_frame_count); | 565 | sprintf (name, "F%"pMd, tty_frame_count); |
| 566 | f->name = build_string (name); | 566 | f->name = build_string (name); |
| 567 | 567 | ||
| 568 | f->visible = 1; /* FRAME_SET_VISIBLE wd set frame_garbaged. */ | 568 | f->visible = 1; /* FRAME_SET_VISIBLE wd set frame_garbaged. */ |
| @@ -2074,7 +2074,7 @@ set_term_frame_name (struct frame *f, Lisp_Object name) | |||
| 2074 | /* If NAME is nil, set the name to F<num>. */ | 2074 | /* If NAME is nil, set the name to F<num>. */ |
| 2075 | if (NILP (name)) | 2075 | if (NILP (name)) |
| 2076 | { | 2076 | { |
| 2077 | char namebuf[20]; | 2077 | char namebuf[sizeof "F" + INT_STRLEN_BOUND (printmax_t)]; |
| 2078 | 2078 | ||
| 2079 | /* Check for no change needed in this very common case | 2079 | /* Check for no change needed in this very common case |
| 2080 | before we do any consing. */ | 2080 | before we do any consing. */ |
| @@ -2083,7 +2083,7 @@ set_term_frame_name (struct frame *f, Lisp_Object name) | |||
| 2083 | return; | 2083 | return; |
| 2084 | 2084 | ||
| 2085 | tty_frame_count++; | 2085 | tty_frame_count++; |
| 2086 | sprintf (namebuf, "F%d", tty_frame_count); | 2086 | sprintf (namebuf, "F%"pMd, tty_frame_count); |
| 2087 | name = build_string (namebuf); | 2087 | name = build_string (namebuf); |
| 2088 | } | 2088 | } |
| 2089 | else | 2089 | else |
| @@ -3065,6 +3065,7 @@ x_report_frame_params (struct frame *f, Lisp_Object *alistptr) | |||
| 3065 | { | 3065 | { |
| 3066 | char buf[16]; | 3066 | char buf[16]; |
| 3067 | Lisp_Object tem; | 3067 | Lisp_Object tem; |
| 3068 | unsigned long w; | ||
| 3068 | 3069 | ||
| 3069 | /* Represent negative positions (off the top or left screen edge) | 3070 | /* Represent negative positions (off the top or left screen edge) |
| 3070 | in a way that Fmodify_frame_parameters will understand correctly. */ | 3071 | in a way that Fmodify_frame_parameters will understand correctly. */ |
| @@ -3097,7 +3098,8 @@ x_report_frame_params (struct frame *f, Lisp_Object *alistptr) | |||
| 3097 | for non-toolkit scroll bar. | 3098 | for non-toolkit scroll bar. |
| 3098 | ruler-mode.el depends on this. */ | 3099 | ruler-mode.el depends on this. */ |
| 3099 | : Qnil)); | 3100 | : Qnil)); |
| 3100 | sprintf (buf, "%ld", (long) FRAME_X_WINDOW (f)); | 3101 | w = FRAME_X_WINDOW (f); |
| 3102 | sprintf (buf, "%lu", w); | ||
| 3101 | store_in_alist (alistptr, Qwindow_id, | 3103 | store_in_alist (alistptr, Qwindow_id, |
| 3102 | build_string (buf)); | 3104 | build_string (buf)); |
| 3103 | #ifdef HAVE_X_WINDOWS | 3105 | #ifdef HAVE_X_WINDOWS |
| @@ -3105,7 +3107,10 @@ x_report_frame_params (struct frame *f, Lisp_Object *alistptr) | |||
| 3105 | /* Tooltip frame may not have this widget. */ | 3107 | /* Tooltip frame may not have this widget. */ |
| 3106 | if (FRAME_X_OUTPUT (f)->widget) | 3108 | if (FRAME_X_OUTPUT (f)->widget) |
| 3107 | #endif | 3109 | #endif |
| 3108 | sprintf (buf, "%ld", (long) FRAME_OUTER_WINDOW (f)); | 3110 | { |
| 3111 | w = FRAME_OUTER_WINDOW (f); | ||
| 3112 | sprintf (buf, "%lu", w); | ||
| 3113 | } | ||
| 3109 | store_in_alist (alistptr, Qouter_window_id, | 3114 | store_in_alist (alistptr, Qouter_window_id, |
| 3110 | build_string (buf)); | 3115 | build_string (buf)); |
| 3111 | #endif | 3116 | #endif |
| @@ -3576,13 +3581,13 @@ x_set_alpha (struct frame *f, Lisp_Object arg, Lisp_Object oldval) | |||
| 3576 | void | 3581 | void |
| 3577 | validate_x_resource_name (void) | 3582 | validate_x_resource_name (void) |
| 3578 | { | 3583 | { |
| 3579 | int len = 0; | 3584 | ptrdiff_t len = 0; |
| 3580 | /* Number of valid characters in the resource name. */ | 3585 | /* Number of valid characters in the resource name. */ |
| 3581 | int good_count = 0; | 3586 | ptrdiff_t good_count = 0; |
| 3582 | /* Number of invalid characters in the resource name. */ | 3587 | /* Number of invalid characters in the resource name. */ |
| 3583 | int bad_count = 0; | 3588 | ptrdiff_t bad_count = 0; |
| 3584 | Lisp_Object new; | 3589 | Lisp_Object new; |
| 3585 | int i; | 3590 | ptrdiff_t i; |
| 3586 | 3591 | ||
| 3587 | if (!STRINGP (Vx_resource_class)) | 3592 | if (!STRINGP (Vx_resource_class)) |
| 3588 | Vx_resource_class = build_string (EMACS_CLASS); | 3593 | Vx_resource_class = build_string (EMACS_CLASS); |
| @@ -3615,8 +3620,9 @@ validate_x_resource_name (void) | |||
| 3615 | if (bad_count == 0) | 3620 | if (bad_count == 0) |
| 3616 | return; | 3621 | return; |
| 3617 | 3622 | ||
| 3618 | /* If name is entirely invalid, or nearly so, use `emacs'. */ | 3623 | /* If name is entirely invalid, or nearly so, or is so implausibly |
| 3619 | if (good_count < 2) | 3624 | large that alloca might not work, use `emacs'. */ |
| 3625 | if (good_count < 2 || MAX_ALLOCA - sizeof ".customization" < len) | ||
| 3620 | { | 3626 | { |
| 3621 | Vx_resource_name = build_string ("emacs"); | 3627 | Vx_resource_name = build_string ("emacs"); |
| 3622 | return; | 3628 | return; |
| @@ -3745,20 +3751,24 @@ x_get_resource_string (const char *attribute, const char *class) | |||
| 3745 | { | 3751 | { |
| 3746 | char *name_key; | 3752 | char *name_key; |
| 3747 | char *class_key; | 3753 | char *class_key; |
| 3754 | char *result; | ||
| 3748 | struct frame *sf = SELECTED_FRAME (); | 3755 | struct frame *sf = SELECTED_FRAME (); |
| 3756 | ptrdiff_t invocation_namelen = SBYTES (Vinvocation_name); | ||
| 3757 | USE_SAFE_ALLOCA; | ||
| 3749 | 3758 | ||
| 3750 | /* Allocate space for the components, the dots which separate them, | 3759 | /* Allocate space for the components, the dots which separate them, |
| 3751 | and the final '\0'. */ | 3760 | and the final '\0'. */ |
| 3752 | name_key = (char *) alloca (SBYTES (Vinvocation_name) | 3761 | SAFE_ALLOCA (name_key, char *, invocation_namelen + strlen (attribute) + 2); |
| 3753 | + strlen (attribute) + 2); | ||
| 3754 | class_key = (char *) alloca ((sizeof (EMACS_CLASS) - 1) | 3762 | class_key = (char *) alloca ((sizeof (EMACS_CLASS) - 1) |
| 3755 | + strlen (class) + 2); | 3763 | + strlen (class) + 2); |
| 3756 | 3764 | ||
| 3757 | sprintf (name_key, "%s.%s", SSDATA (Vinvocation_name), attribute); | 3765 | esprintf (name_key, "%s.%s", SSDATA (Vinvocation_name), attribute); |
| 3758 | sprintf (class_key, "%s.%s", EMACS_CLASS, class); | 3766 | sprintf (class_key, "%s.%s", EMACS_CLASS, class); |
| 3759 | 3767 | ||
| 3760 | return x_get_string_resource (FRAME_X_DISPLAY_INFO (sf)->xrdb, | 3768 | result = x_get_string_resource (FRAME_X_DISPLAY_INFO (sf)->xrdb, |
| 3761 | name_key, class_key); | 3769 | name_key, class_key); |
| 3770 | SAFE_FREE (); | ||
| 3771 | return result; | ||
| 3762 | } | 3772 | } |
| 3763 | #endif | 3773 | #endif |
| 3764 | 3774 | ||