[Emacs-diffs] /srv/bzr/emacs/trunk r107723: Fix unsafe use of alloca rep

emacs-diffs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] /srv/bzr/emacs/trunk r107723: Fix unsafe use of alloca rep

From:	Eli Zaretskii
Subject:	[Emacs-diffs] /srv/bzr/emacs/trunk r107723: Fix unsafe use of alloca reported in bug #11138.
Date:	Sun, 01 Apr 2012 19:55:30 +0300
User-agent:	Bazaar (2.3.1)

------------------------------------------------------------
revno: 107723
fixes bug(s): http://debbugs.gnu.org/11138
committer: Eli Zaretskii <address@hidden>
branch nick: trunk
timestamp: Sun 2012-04-01 19:55:30 +0300
message:
  Fix unsafe use of alloca reported in bug #11138.
  
   src/w32menu.c (simple_dialog_show, add_menu_item): Use SAFE_ALLOCA
   instead of alloca.
modified:
  src/ChangeLog
  src/w32menu.c

=== modified file 'src/ChangeLog'
--- a/src/ChangeLog     2012-04-01 16:42:57 +0000
+++ b/src/ChangeLog     2012-04-01 16:55:30 +0000
@@ -1,3 +1,8 @@
+2012-04-01  Eli Zaretskii  <address@hidden>
+
+       * w32menu.c (simple_dialog_show, add_menu_item): Use SAFE_ALLOCA
+       instead of alloca.  (Bug#11138)
+
 2012-04-01  Andreas Schwab  <address@hidden>
 
        * w32menu.c (is_simple_dialog): Properly check lisp types.

=== modified file 'src/w32menu.c'
--- a/src/w32menu.c     2012-04-01 16:42:57 +0000
+++ b/src/w32menu.c     2012-04-01 16:55:30 +0000
@@ -1231,6 +1231,7 @@
   if (unicode_message_box)
     {
       WCHAR *text, *title;
+      USE_SAFE_ALLOCA;
 
       if (STRINGP (temp))
        {
@@ -1240,7 +1241,7 @@
             one utf16 word, so we cannot simply use the character
             length of temp.  */
          int utf8_len = strlen (utf8_text);
-         text = alloca ((utf8_len + 1) * sizeof (WCHAR));
+         SAFE_ALLOCA (text, WCHAR *, (utf8_len + 1) * sizeof (WCHAR));
          utf8to16 (utf8_text, utf8_len, text);
        }
       else
@@ -1260,6 +1261,7 @@
        }
 
       answer = unicode_message_box (FRAME_W32_WINDOW (f), text, title, type);
+      SAFE_FREE ();
     }
   else
     {
@@ -1366,6 +1368,7 @@
   char *out_string, *p, *q;
   int return_value;
   size_t nlen, orig_len;
+  USE_SAFE_ALLOCA;
 
   if (menu_separator_name_p (wv->name))
     {
@@ -1381,7 +1384,8 @@
 
       if (wv->key != NULL)
        {
-         out_string = alloca (strlen (wv->name) + strlen (wv->key) + 2);
+         SAFE_ALLOCA (out_string, char *,
+                      strlen (wv->name) + strlen (wv->key) + 2);
          strcpy (out_string, wv->name);
          strcat (out_string, "\t");
          strcat (out_string, wv->key);
@@ -1415,7 +1419,7 @@
       if (nlen > orig_len)
         {
           p = out_string;
-          out_string = alloca (nlen + 1);
+          SAFE_ALLOCA (out_string, char *, nlen + 1);
           q = out_string;
           while (*p)
             {
@@ -1475,7 +1479,7 @@
       if (fuFlags & MF_OWNERDRAW)
        utf16_string = local_alloc ((utf8_len + 1) * sizeof (WCHAR));
       else
-       utf16_string = alloca ((utf8_len + 1) * sizeof (WCHAR));
+       SAFE_ALLOCA (utf16_string, WCHAR *, (utf8_len + 1) * sizeof (WCHAR));
 
       utf8to16 (out_string, utf8_len, utf16_string);
       return_value = unicode_append_menu (menu, fuFlags,
@@ -1544,6 +1548,7 @@
                              FALSE, &info);
        }
     }
+  SAFE_FREE ();
   return return_value;
 }

[Prev in Thread]

Current Thread

[Next in Thread]

[Emacs-diffs] /srv/bzr/emacs/trunk r107723: Fix unsafe use of alloca reported in bug #11138., Eli Zaretskii <=

Prev by Date: [Emacs-diffs] /srv/bzr/emacs/trunk r107722: Fixes: debbugs:11141
Next by Date: [Emacs-diffs] /srv/bzr/emacs/trunk r107724: Improve documentation of emacsclient -c and -t on MS-Windows.
Previous by thread: [Emacs-diffs] /srv/bzr/emacs/trunk r107722: Fixes: debbugs:11141
Next by thread: [Emacs-diffs] /srv/bzr/emacs/trunk r107724: Improve documentation of emacsclient -c and -t on MS-Windows.
Index(es):
- Date
- Thread