[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c
From: |
Eli Zaretskii |
Subject: |
bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c |
Date: |
Mon, 25 Jul 2016 19:24:14 +0300 |
> From: Sergei Litvin <litvindev@gmail.com>
> Date: Mon, 25 Jul 2016 02:51:40 +0300
>
>
> struct position *
> compute_motion (ptrdiff_t from, ptrdiff_t frombyte, EMACS_INT fromvpos,
> EMACS_INT fromhpos, bool did_motion, ptrdiff_t to,
> EMACS_INT tovpos, EMACS_INT tohpos, EMACS_INT width,
> ptrdiff_t hscroll, int tab_offset, struct window *win)
> {
>
> ...
>
> if (dp == buffer_display_table ())
> width_table = (VECTORP (BVAR (current_buffer, width_table))
> ? XVECTOR (BVAR (current_buffer, width_table))->contents
> : 0);
> else
> /* If the window has its own display table, we can't use the width
> run cache, because that's based on the buffer's display table. */
> width_table = 0; // initialize it with 0 (current buffer has no display table)
>
> ...
>
> if (width_cache)
> {
> /* Is this character part of the current run? If so, extend
> the run. */
> if (pos - 1 == width_run_end
> && XFASTINT (width_table[c]) == width_run_width) // dereference width_table
> here, and crash
> width_run_end = pos;
Did you actually see such a crash, and if so, can you show a recipe
for reproducing that?
Thanks.
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Sergei Litvin, 2016/07/24
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c,
Eli Zaretskii <=
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Sergei Litvin, 2016/07/25
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Clément Pit--Claudel, 2016/07/25
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, npostavs, 2016/07/25
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Clément Pit--Claudel, 2016/07/25
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Eli Zaretskii, 2016/07/26
- bug#24064: 24.5; NULL pointer dereference in compute_motion(), indent.c, Clément Pit--Claudel, 2016/07/26