Commit f2cad773 authored by Paul Eggert's avatar Paul Eggert
Browse files

* ccl.c: Improve and simplify overflow checking (Bug#9196).

(ccl_driver): Do not generate an out-of-range pointer.
(Fccl_execute_on_string): Remove unnecessary check for
integer overflow, noted by Stefan Monnier in
<http://lists.gnu.org/archive/html/emacs-devel/2011-08/msg00979.html>.
Remove a FIXME that didn't need fixing.
Simplify the newly-introduced buffer reallocation code.
parent 0cae2cdb
2011-08-27 Paul Eggert <eggert@cs.ucla.edu>
* ccl.c: Improve and simplify overflow checking (Bug#9196).
(ccl_driver): Do not generate an out-of-range pointer.
(Fccl_execute_on_string): Remove unnecessary check for
integer overflow, noted by Stefan Monnier in
<http://lists.gnu.org/archive/html/emacs-devel/2011-08/msg00979.html>.
Remove a FIXME that didn't need fixing.
Simplify the newly-introduced buffer reallocation code.
2011-08-27 Juanma Barranquero <lekktu@gmail.com>
* makefile.w32-in ($(BLD)/alloc.$(O)): Depend on lib/verify.h.
......
......@@ -1770,7 +1770,7 @@ ccl_driver (struct ccl_program *ccl, int *source, int *destination, int src_size
}
msglen = strlen (msg);
if (dst + msglen <= dst_end)
if (msglen <= dst_end - dst)
{
for (i = 0; i < msglen; i++)
*dst++ = msg[i];
......@@ -2127,37 +2127,25 @@ usage: (ccl-execute-on-string CCL-PROGRAM STATUS STRING &optional CONTINUE UNIBY
src_size = j;
while (1)
{
int max_expansion = NILP (unibyte_p) ? MAX_MULTIBYTE_LENGTH : 1;
ptrdiff_t offset, shortfall;
ccl_driver (&ccl, src, destination, src_size, CCL_EXECUTE_BUF_SIZE,
Qnil);
produced_chars += ccl.produced;
offset = outp - outbuf;
shortfall = ccl.produced * max_expansion - (outbufsize - offset);
if (0 < shortfall)
{
outbuf = xpalloc (outbuf, &outbufsize, shortfall, -1, 1);
outp = outbuf + offset;
}
if (NILP (unibyte_p))
{
/* FIXME: Surely this should be buf_magnification instead.
MAX_MULTIBYTE_LENGTH overestimates the storage needed. */
int magnification = MAX_MULTIBYTE_LENGTH;
ptrdiff_t offset = outp - outbuf;
ptrdiff_t shortfall;
if (INT_MULTIPLY_OVERFLOW (ccl.produced, magnification))
memory_full (SIZE_MAX);
shortfall = ccl.produced * magnification - (outbufsize - offset);
if (0 < shortfall)
{
outbuf = xpalloc (outbuf, &outbufsize, shortfall, -1, 1);
outp = outbuf + offset;
}
for (j = 0; j < ccl.produced; j++)
CHAR_STRING_ADVANCE (destination[j], outp);
}
else
{
ptrdiff_t offset = outp - outbuf;
ptrdiff_t shortfall = ccl.produced - (outbufsize - offset);
if (0 < shortfall)
{
outbuf = xpalloc (outbuf, &outbufsize, shortfall, -1, 1);
outp = outbuf + offset;
}
for (j = 0; j < ccl.produced; j++)
*outp++ = destination[j];
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment