* charset.c (read_hex): New arg OVERFLOW. All uses changed.

Remove unreachable code. (read_hex, load_charset_map_from_file): Check for integer overflow.
author: Paul Eggert 2011-07-17 23:44:01 -0700
committer: Paul Eggert 2011-07-17 23:44:01 -0700
commit: caeeedc1afd7205303a99ef8ce7e4ce7d2055042 (patch)
tree: a7d77fb5203b1f2b1ed0d3d79fda29587e0540d2 /src
parent: 50849c52f8cf342b81c1db12b13f866ec6c049fc (diff)
download: emacs-caeeedc1afd7205303a99ef8ce7e4ce7d2055042.tar.gz
emacs-caeeedc1afd7205303a99ef8ce7e4ce7d2055042.zip
2 files changed, 26 insertions, 15 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index 940beee887d..869e2637cf4 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2011-07-18  Paul Eggert  <eggert@cs.ucla.edu>
+        * charset.c (read_hex): New arg OVERFLOW.  All uses changed.
+        Remove unreachable code.
+        (read_hex, load_charset_map_from_file): Check for integer overflow.
 2011-07-17  Paul Eggert  <eggert@cs.ucla.edu>
        * xterm.c: don't go over XClientMessageEvent limit
diff --git a/src/charset.c b/src/charset.c
index 55234aa76aa..e2bfcd08671 100644
--- a/src/charset.c
+++ b/src/charset.c
@@ -419,7 +419,7 @@ load_charset_map (struct charset *charset, struct charset_map_entries *entries,
   paying attention to comment character '#'.  */
 static inline unsigned
-read_hex (FILE *fp, int *eof)
+read_hex (FILE *fp, int *eof, int *overflow)
 {
  int c;
  unsigned n;
@@ -441,15 +441,16 @@ read_hex (FILE *fp, int *eof)
      *eof = 1;
      return 0;
    }
-  *eof = 0;
  n = 0;
-  if (c == 'x')
+  while (isxdigit (c = getc (fp)))
-    while ((c = getc (fp)) != EOF && isxdigit (c))
+    {
+      if (UINT_MAX >> 4 < n)
+        *overflow = 1;
      n = ((n << 4)
-           | (c <= '9' ? c - '0' : c <= 'F' ? c - 'A' + 10 : c - 'a' + 10));
+           | (c - ('0' <= c && c <= '9' ? '0'
-  else
+                   : 'A' <= c && c <= 'F' ? 'A' - 10
-    while ((c = getc (fp)) != EOF && isdigit (c))
+                   : 'a' - 10)));
-      n = (n * 10) + c - '0';
+    }
  if (c != EOF)
    ungetc (c, fp);
  return n;
@@ -479,7 +480,6 @@ load_charset_map_from_file (struct charset *charset, Lisp_Object mapfile, int co
  unsigned max_code = CHARSET_MAX_CODE (charset);
  int fd;
  FILE *fp;
-  int eof;
  Lisp_Object suffixes;
  struct charset_map_entries *head, *entries;
  int n_entries, count;
@@ -504,22 +504,27 @@ load_charset_map_from_file (struct charset *charset, Lisp_Object mapfile, int co
  memset (entries, 0, sizeof (struct charset_map_entries));
  n_entries = 0;
-  eof = 0;
  while (1)
    {
-      unsigned from, to;
+      unsigned from, to, c;
-      int c;
      int idx;
+      int eof = 0, overflow = 0;
-      from = read_hex (fp, &eof);
+      from = read_hex (fp, &eof, &overflow);
      if (eof)
        break;
      if (getc (fp) == '-')
-        to = read_hex (fp, &eof);
+        to = read_hex (fp, &eof, &overflow);
      else
        to = from;
-      c = (int) read_hex (fp, &eof);
+      if (eof)
+        break;
+      c = read_hex (fp, &eof, &overflow);
+      if (eof)
+        break;
+      if (overflow)
+        continue;
      if (from < min_code || to > max_code || from > to || c > MAX_CHAR)
        continue;
author	Paul Eggert	2011-07-17 23:44:01 -0700
committer	Paul Eggert	2011-07-17 23:44:01 -0700
commit	caeeedc1afd7205303a99ef8ce7e4ce7d2055042 (patch)
tree	a7d77fb5203b1f2b1ed0d3d79fda29587e0540d2 /src
parent	50849c52f8cf342b81c1db12b13f866ec6c049fc (diff)
download	emacs-caeeedc1afd7205303a99ef8ce7e4ce7d2055042.tar.gz emacs-caeeedc1afd7205303a99ef8ce7e4ce7d2055042.zip