diff options
author | Paul Eggert <[email protected]> | 2011-06-17 01:10:34 -0700 |
---|---|---|
committer | Paul Eggert <[email protected]> | 2011-06-17 01:10:34 -0700 |
commit | 67c36fce599fc28e5ae3eca371d034c600265dd2 (patch) | |
tree | d33f388c65d9830ef51ed32a608fd1b523081152 /src/buffer.c | |
parent | 93cb6be35e90f37078276fe60142050d9cff524a (diff) |
* buffer.c (record_overlay_string): Check for size-calculation overflow.
(struct sortstrlist.size, struct sortlist.used): Don't truncate size to int.
Diffstat (limited to 'src/buffer.c')
-rw-r--r-- | src/buffer.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/buffer.c b/src/buffer.c index 90a10ec2a3..93f739c0d4 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -2933,8 +2933,8 @@ struct sortstr struct sortstrlist { struct sortstr *buf; /* An array that expands as needed; never freed. */ - int size; /* Allocated length of that array. */ - int used; /* How much of the array is currently in use. */ + ptrdiff_t size; /* Allocated length of that array. */ + ptrdiff_t used; /* How much of the array is currently in use. */ EMACS_INT bytes; /* Total length of the strings in buf. */ }; @@ -2969,7 +2969,10 @@ record_overlay_string (struct sortstrlist *ssl, Lisp_Object str, if (ssl->used == ssl->size) { - if (ssl->buf) + if (min (PTRDIFF_MAX, SIZE_MAX) / (sizeof (struct sortstr) * 2) + < ssl->size) + memory_full (SIZE_MAX); + else if (0 < ssl->size) ssl->size *= 2; else ssl->size = 5; |