From edaa182249601b0f7ee36f9863243b6919943982 Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Fri, 3 Jun 2011 19:49:51 -0700
Subject: Check for buffer and string overflow more precisely.

* buffer.h (BUF_BYTES_MAX): New macro.
* lisp.h (STRING_BYTES_MAX): New macro.
* alloc.c (Fmake_string):
* character.c (string_escape_byte8):
* coding.c (coding_alloc_by_realloc):
* doprnt.c (doprnt):
* editfns.c (Fformat):
* eval.c (verror):
Use STRING_BYTES_MAX, not MOST_POSITIVE_FIXNUM,
since they may not be the same number.
* editfns.c (Finsert_char):
* fileio.c (Finsert_file_contents):
Likewise for BUF_BYTES_MAX.
---
 src/eval.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/eval.c')

diff --git a/src/eval.c b/src/eval.c
index f8bc0a9f6aa..ef5abac17ae 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -1994,7 +1994,7 @@ verror (const char *m, va_list ap)
 {
   char buf[4000];
   size_t size = sizeof buf;
-  size_t size_max = min (MOST_POSITIVE_FIXNUM + 1, SIZE_MAX);
+  size_t size_max = STRING_BYTES_MAX + 1;
   size_t mlen = strlen (m);
   char *buffer = buf;
   size_t used;
-- 
cgit v1.2.1