From d1f3d2afe1057a99b9dec6d1bd5b57bfee81fdff Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Sun, 5 Jun 2011 23:16:12 -0700
Subject: Check for buffer and string overflow more precisely.

* buffer.h (BUF_BYTES_MAX): New macro.
* lisp.h (STRING_BYTES_MAX): New macro.
* alloc.c (Fmake_string):
* character.c (string_escape_byte8):
* coding.c (coding_alloc_by_realloc):
* doprnt.c (doprnt):
* editfns.c (Fformat):
* eval.c (verror):
Use STRING_BYTES_MAX, not MOST_POSITIVE_FIXNUM,
since they may not be the same number.
* editfns.c (Finsert_char):
* fileio.c (Finsert_file_contents):
Likewise for BUF_BYTES_MAX.
---
 src/coding.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/coding.c')

diff --git a/src/coding.c b/src/coding.c
index 6ccaf354c74..64e8e41a5a1 100644
--- a/src/coding.c
+++ b/src/coding.c
@@ -1071,8 +1071,8 @@ coding_set_destination (struct coding_system *coding)
 static void
 coding_alloc_by_realloc (struct coding_system *coding, EMACS_INT bytes)
 {
-  if (coding->dst_bytes >= MOST_POSITIVE_FIXNUM - bytes)
-    error ("Maximum size of buffer or string exceeded");
+  if (STRING_BYTES_MAX - coding->dst_bytes < bytes)
+    string_overflow ();
   coding->destination = (unsigned char *) xrealloc (coding->destination,
 						    coding->dst_bytes + bytes);
   coding->dst_bytes += bytes;
-- 
cgit v1.2.1