[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] master a8a93b1 10/14: Guard against signed integer overflo
From: |
Philipp Stephani |
Subject: |
[Emacs-diffs] master a8a93b1 10/14: Guard against signed integer overflows |
Date: |
Sun, 4 Jun 2017 13:54:07 -0400 (EDT) |
branch: master
commit a8a93b11cfa673c14c9a0d93ba87a16459dcde00
Author: Philipp Stephani <address@hidden>
Commit: Philipp Stephani <address@hidden>
Guard against signed integer overflows
* src/emacs-module.c (module_extract_integer)
(module_copy_string_contents, module_make_string): Guard against
signed integer overflows.
---
src/emacs-module.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/emacs-module.c b/src/emacs-module.c
index d4047d6..f7facb9 100644
--- a/src/emacs-module.c
+++ b/src/emacs-module.c
@@ -448,6 +448,8 @@ module_eq (emacs_env *env, emacs_value a, emacs_value b)
static intmax_t
module_extract_integer (emacs_env *env, emacs_value n)
{
+ verify (MOST_NEGATIVE_FIXNUM >= INTMAX_MIN);
+ verify (MOST_POSITIVE_FIXNUM <= INTMAX_MAX);
MODULE_FUNCTION_BEGIN (0);
Lisp_Object l = value_to_lisp (n);
CHECK_NUMBER (l);
@@ -489,7 +491,9 @@ module_copy_string_contents (emacs_env *env, emacs_value
value, char *buffer,
Lisp_Object lisp_str_utf8 = ENCODE_UTF_8 (lisp_str);
ptrdiff_t raw_size = SBYTES (lisp_str_utf8);
- ptrdiff_t required_buf_size = raw_size + 1;
+ ptrdiff_t required_buf_size;
+ if (INT_ADD_WRAPV (raw_size, 1, &required_buf_size))
+ xsignal0 (Qoverflow_error);
eassert (required_buf_size > 0);
eassert (length != NULL);
@@ -520,6 +524,8 @@ module_make_string (emacs_env *env, const char *str,
ptrdiff_t length)
{
MODULE_FUNCTION_BEGIN (module_nil);
eassert (str != NULL);
+ if (length < 0 || length > MOST_POSITIVE_FIXNUM)
+ xsignal0 (Qoverflow_error);
AUTO_STRING_WITH_LEN (lstr, str, length);
return lisp_to_value (code_convert_string_norecord (lstr, Qutf_8, false));
}
- [Emacs-diffs] master updated (bd3c6ee -> 2aa8b15), Philipp Stephani, 2017/06/04
- [Emacs-diffs] master db74384 01/14: Remove two FIXMEs that can't be fixed, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 1839699 02/14: Define helper macro to reduce code duplication, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 034275e 07/14: ; Small comment fix, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 3b0080d 03/14: Rework printing of module functions, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 366e25a 05/14: Simplify interface of dynlib_attr., Philipp Stephani, 2017/06/04
- [Emacs-diffs] master a8a93b1 10/14: Guard against signed integer overflows,
Philipp Stephani <=
- [Emacs-diffs] master fb3a9fd 08/14: ; Grammar fix, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 9be8b2b 06/14: Use ATTRIBUTE_MAY_ALIAS where alias violations are likely, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 5497062 09/14: Add a couple more assertions to the module code, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 27445a8 11/14: Remove an unneeded assertion, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 2aa8b15 14/14: Remove an unused error symbol, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master d372017 12/14: Use more specific errors for module load failure, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 045d21c 04/14: Rationalize environment lifetime management functions, Philipp Stephani, 2017/06/04
- [Emacs-diffs] master 66da3f4 13/14: Support quitting in modules, Philipp Stephani, 2017/06/04