diff options
author | Paul Eggert <[email protected]> | 2011-07-28 14:37:15 -0700 |
---|---|---|
committer | Paul Eggert <[email protected]> | 2011-07-28 14:37:15 -0700 |
commit | c9f8d652ab67b148cd0a1cb375b0e51e673c4094 (patch) | |
tree | 28db7746cd8179674ff925067cfde9e38a822799 /src/editfns.c | |
parent | 3d0c92a26bb73fdc542e4d9e467b31fd0ad02417 (diff) |
* editfns.c: Integer and memory overflow fixes.
(set_time_zone_rule): Don't assume environment length fits in int.
(message_length): Now ptrdiff_t, not int.
(Fmessage_box): Don't update size until allocation succeeds.
Don't assume message length fits in int.
(Fformat): Use ptrdiff_t, not EMACS_INT, where ptrdiff_t will do.
Diffstat (limited to 'src/editfns.c')
-rw-r--r-- | src/editfns.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/editfns.c b/src/editfns.c index 18fefa5e3b..1616305faa 100644 --- a/src/editfns.c +++ b/src/editfns.c @@ -2105,7 +2105,7 @@ static char set_time_zone_rule_tz2[] = "TZ=GMT+1"; void set_time_zone_rule (const char *tzstring) { - int envptrs; + ptrdiff_t envptrs; char **from, **to, **newenv; /* Make the ENVIRON vector longer with room for TZSTRING. */ @@ -3355,7 +3355,7 @@ usage: (save-restriction &rest BODY) */) static char *message_text; /* Allocated length of that buffer. */ -static int message_length; +static ptrdiff_t message_length; DEFUN ("message", Fmessage, Smessage, 1, MANY, 0, doc: /* Display a message at the bottom of the screen. @@ -3437,8 +3437,8 @@ usage: (message-box FORMAT-STRING &rest ARGS) */) } if (SBYTES (val) > message_length) { + message_text = (char *) xrealloc (message_text, SBYTES (val)); message_length = SBYTES (val); - message_text = (char *)xrealloc (message_text, message_length); } memcpy (message_text, SDATA (val), SBYTES (val)); message2 (message_text, SBYTES (val), @@ -4163,7 +4163,7 @@ usage: (format STRING &rest OBJECTS) */) character. CONVBYTES says how much room is needed. Allocate enough room (and then some) and do it again. */ { - EMACS_INT used = p - buf; + ptrdiff_t used = p - buf; if (max_bufsize - used < convbytes) string_overflow (); |