1. 29 Aug, 2011 5 commits
    • Paul Eggert's avatar
      * editfns.c (Fcurrent_time_zone): Don't overrun buffer · 33ef5c64
      Paul Eggert authored
      even if the time zone offset is outlandishly large.
      Don't mishandle offset == INT_MIN.
      33ef5c64
    • Paul Eggert's avatar
      * dispnew.c (add_window_display_history): Don't overrun buffer. · 9d1df220
      Paul Eggert authored
      Truncate instead; this is OK since it's just a log.
      9d1df220
    • Paul Eggert's avatar
      * dbusbind.c (xd_signature, Fdbus_register_signal): · 2ea16b89
      Paul Eggert authored
      Do not overrun buffer; instead, report string overflow.
      2ea16b89
    • Paul Eggert's avatar
      sprintf-related integer and memory overflow issues. · 62f19c19
      Paul Eggert authored
      * doprnt.c (doprnt): Support printing ptrdiff_t and intmax_t values.
      (esprintf, esnprintf, exprintf, evxprintf): New functions.
      * keyboard.c (command_loop_level): Now EMACS_INT, not int.
      (cmd_error): kbd macro iterations count is now EMACS_INT, not int.
      (modify_event_symbol): Do not assume that the length of
      name_alist_or_stem is safe to alloca and fits in int.
      (Fexecute_extended_command): Likewise for function name and binding.
      (Frecursion_depth): Wrap around reliably on integer overflow.
      * keymap.c (push_key_description): First arg is now EMACS_INT, not int,
      since some callers pass EMACS_INT values.
      (Fsingle_key_description): Don't crash if symbol name contains more
      than MAX_ALLOCA bytes.
      * minibuf.c (minibuf_level): Now EMACS_INT, not int.
      (get_minibuffer): Arg is now EMACS_INT, not int.
      * lisp.h (get_minibuffer, push_key_description): Reflect API changes.
      (esprintf, esnprintf, exprintf, evxprintf): New decls.
      * window.h (command_loop_level, minibuf_level): Reflect API changes.
      62f19c19
    • Paul Eggert's avatar
      Add Bug#. · 005d87bd
      Paul Eggert authored
      005d87bd
  2. 28 Aug, 2011 4 commits
    • Paul Eggert's avatar
      * update-game-score.c: Include <limits.h> · 0c6d656d
      Paul Eggert authored
      (get_user_id): Do not assume uid fits in 'int'.  Simplify.
      0c6d656d
    • Paul Eggert's avatar
      * movemail.c (main): Do not use sprintf when its result might not fit · 644a0faa
      Paul Eggert authored
      in 'int'.  Instead, put the possibly-long file name into the
      output of pfatal_with_name.
      644a0faa
    • Paul Eggert's avatar
      * etags.c (xmalloc, xrealloc): Accept size_t, not unsigned int, · 9250f758
      Paul Eggert authored
      to avoid potential buffer overflow issues on typical 64-bit hosts.
      (whatlen_max): New static var.
      (main): Avoid buffer overflow if subsidiary command length is
      greater than BUFSIZ or 2*BUFSIZ + 20. Do not use sprintf when its
      result might not fit in 'int'.
      9250f758
    • Paul Eggert's avatar
      Integer and memory overflow issues. · 17107bb6
      Paul Eggert authored
      * emacsclient.c (xmalloc): Accept size_t, not unsigned int, to
      avoid potential buffer overflow issues on typical 64-bit hosts.
      Return void *, not long *.
      (get_current_dir_name): Report a failure, instead of looping
      forever, if buffer size calculation overflows.  Treat malloc
      failures like realloc failures, as that has better behavior and is
      more consistent.  Do not check whether xmalloc returns NULL, as
      that's not possible.
      (message): Do not arbitrarily truncate message to 2048 bytes when
      sending it to stderr; use vfprintf instead.
      (get_server_config, set_local_socket)
      (start_daemon_and_retry_set_socket): Do not alloca
      arbitrarily-large buffers; that's not safe.
      (get_server_config, set_local_socket): Do not use sprintf when its
      result might not fit in 'int'.
      (set_local_socket): Do not assume uid fits in 'int'.
      17107bb6
  3. 26 Aug, 2011 10 commits
  4. 25 Aug, 2011 17 commits
  5. 24 Aug, 2011 4 commits