Commit 0df02bf3 authored by Paul Eggert's avatar Paul Eggert
Browse files

* lread.c (dir_warning): Don't blindly alloca buffer; use SAFE_ALLOCA.

Use esprintf, not sprintf, in case result does not fit in int.
parent 84722b3d
......@@ -65,6 +65,9 @@
* gtkutil.c (xg_check_special_colors, xg_set_geometry):
Make sprintf buffers a bit bigger, to avoid potential buffer overrun.
* lread.c (dir_warning): Don't blindly alloca buffer; use SAFE_ALLOCA.
Use esprintf, not sprintf, in case result does not fit in int.
2011-08-26 Paul Eggert <eggert@cs.ucla.edu>
Integer and memory overflow issues (Bug#9196).
......
......@@ -4295,14 +4295,20 @@ init_lread (void)
void
dir_warning (const char *format, Lisp_Object dirname)
{
char *buffer
= (char *) alloca (SCHARS (dirname) + strlen (format) + 5);
fprintf (stderr, format, SDATA (dirname));
sprintf (buffer, format, SDATA (dirname));
/* Don't log the warning before we've initialized!! */
if (initialized)
message_dolog (buffer, strlen (buffer), 0, STRING_MULTIBYTE (dirname));
{
char *buffer;
ptrdiff_t message_len;
USE_SAFE_ALLOCA;
SAFE_ALLOCA (buffer, char *,
SBYTES (dirname) + strlen (format) - (sizeof "%s" - 1) + 1);
message_len = esprintf (buffer, format, SDATA (dirname));
message_dolog (buffer, message_len, 0, STRING_MULTIBYTE (dirname));
SAFE_FREE ();
}
}
void
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment