Problem report #35

unofficial mirror of emacs-devel@gnu.org 
 help / color / mirror / code / Atom feed

* Problem report #35
@ 2006-04-11 15:49 Dan Nicolaescu
  2006-04-14  1:39 ` Problem report #35 FALSE Kenichi Handa
  0 siblings, 1 reply; 2+ messages in thread
From: Dan Nicolaescu @ 2006-04-11 15:49 UTC (permalink / raw)



CID: 35
Checker: OVERRUN_STATIC (help)
File: emacs/src/coding.c
Function: detect_coding_iso2022
Description: Overrun of static array "(((coding_system_table[2])->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"

1435 		  ONE_MORE_BYTE_CHECK_MULTIBYTE (c, multibytep);

At conditional (1): "c >= 40" taking true path
At conditional (2): "c <= 47" taking true path

1436 		  if (c >= '(' && c <= '/')
1437 		    {
1438 		      /* Designation sequence for a charset of dimension 1.  */

At conditional (3): "src >= src_end" taking false path
At conditional (4): "multibytep != 0" taking true path
At conditional (5): "c1 == 158" taking true path
At conditional (6): "0" taking false path

1439 		      ONE_MORE_BYTE_CHECK_MULTIBYTE (c1, multibytep);

At conditional (7): "c1 < 32" taking false path
At conditional (8): "c1 >= 128" taking false path
At conditional (9): "c >= 44" taking true path
At conditional (10): "charset = iso_charset_table[0][((c >= 44) ? 1 : (0))][c1] < 0" taking false path

1440 		      if (c1 < ' ' || c1 >= 0x80
1441 			  || (charset = iso_charset_table[0][c >= ','][c1]) < 0)
1442 			/* Invalid designation sequence.  Just ignore.  */
1443 			break;
1444 		      reg[(c - '(') % 4] = charset;
1445 		    }
1446 		  else if (c == '$')
1447 		    {
1448 		      /* Designation sequence for a charset of dimension 2.  */
1449 		      ONE_MORE_BYTE_CHECK_MULTIBYTE (c, multibytep);
1450 		      if (c >= '@' && c <= 'B')
1451 			/* Designation for JISX0208.1978, GB2312, or JISX0208.  */
1452 			reg[0] = charset = iso_charset_table[1][0][c];
1453 		      else if (c >= '(' && c <= '/')
1454 			{
1455 			  ONE_MORE_BYTE_CHECK_MULTIBYTE (c1, multibytep);
1456 			  if (c1 < ' ' || c1 >= 0x80
1457 			      || (charset = iso_charset_table[1][c >= ','][c1]) < 0)
1458 			    /* Invalid designation sequence.  Just ignore.  */
1459 			    break;
1460 			  reg[(c - '(') % 4] = charset;
1461 			}
1462 		      else
1463 			/* Invalid designation sequence.  Just ignore.  */
1464 			break;
1465 		    }
1466 		  else if (c == 'N' || c == 'O')
1467 		    {
1468 		      /* ESC <Fe> for SS2 or SS3.  */
1469 		      mask &= CODING_CATEGORY_MASK_ISO_7_ELSE;
1470 		      break;
1471 		    }
1472 		  else if (c >= '0' && c <= '4')
1473 		    {
1474 		      /* ESC <Fp> for start/end composition.  */
1475 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_7))
1476 			mask_found |= CODING_CATEGORY_MASK_ISO_7;
1477 		      else
1478 			mask &= ~CODING_CATEGORY_MASK_ISO_7;
1479 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_7_TIGHT))
1480 			mask_found |= CODING_CATEGORY_MASK_ISO_7_TIGHT;
1481 		      else
1482 			mask &= ~CODING_CATEGORY_MASK_ISO_7_TIGHT;
1483 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_8_1))
1484 			mask_found |= CODING_CATEGORY_MASK_ISO_8_1;
1485 		      else
1486 			mask &= ~CODING_CATEGORY_MASK_ISO_8_1;
1487 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_8_2))
1488 			mask_found |= CODING_CATEGORY_MASK_ISO_8_2;
1489 		      else
1490 			mask &= ~CODING_CATEGORY_MASK_ISO_8_2;
1491 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_7_ELSE))
1492 			mask_found |= CODING_CATEGORY_MASK_ISO_7_ELSE;
1493 		      else
1494 			mask &= ~CODING_CATEGORY_MASK_ISO_7_ELSE;
1495 		      if (COMPOSITION_OK (CODING_CATEGORY_IDX_ISO_8_ELSE))
1496 			mask_found |= CODING_CATEGORY_MASK_ISO_8_ELSE;
1497 		      else
1498 			mask &= ~CODING_CATEGORY_MASK_ISO_8_ELSE;
1499 		      break;
1500 		    }
1501 		  else
1502 		    /* Invalid escape sequence.  Just ignore.  */
1503 		    break;
1504 	
1505 		  /* We found a valid designation sequence for CHARSET.  */
1506 		  mask &= ~CODING_CATEGORY_MASK_ISO_8BIT;

At conditional (11): "charset == 0" taking false path
At conditional (12): "charset == 158" taking false path
At conditional (13): "charset == 128" taking false path
At conditional (14): "charset >= 0" taking true path
At conditional (15): "charset <= 254" taking false path
At conditional (16): "charset < 240" taking false path
At conditional (17): "((charset >= 0 && charset <= 254 && (Vcharset_table & -8)->contents[((charset == 0) ? 0 : ((charset + 128)))] != Qnil) ? ((((0), ((Vcharset_table & -8)->contents[((charset == 0) ? 0 : ((charset + 128)))] & -8))->contents[2] >> 3 == 1) ? 1 : (0)) : (((charset < 240) ? 1 : (0)))) != 0" taking false path
At conditional (18): "charset < 240" taking false path

1507 		  c = MAKE_CHAR (charset, 0, 0);

Event overrun-local: Overrun of static array "(((coding_system_table[2])->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"
At conditional (19): "coding_system_table[2] != 0" taking true path
At conditional (20): "charset == 0" taking false path
At conditional (21): "safe_chars == Qt" taking true path

1508 		  if (CHARSET_OK (CODING_CATEGORY_IDX_ISO_7, charset, c))
1509 		    mask_found |= CODING_CATEGORY_MASK_ISO_7;
1510 		  else
1511 		    mask &= ~CODING_CATEGORY_MASK_ISO_7;
1512 		  if (CHARSET_OK (CODING_CATEGORY_IDX_ISO_7_TIGHT, charset, c))
1513 		    mask_found |= CODING_CATEGORY_MASK_ISO_7_TIGHT;
1514 		  else
1515 		    mask &= ~CODING_CATEGORY_MASK_ISO_7_TIGHT;
1516 		  if (CHARSET_OK (CODING_CATEGORY_IDX_ISO_7_ELSE, charset, c))
1517 		    mask_found |= CODING_CATEGORY_MASK_ISO_7_ELSE;
1518 		  else
1519 		    mask &= ~CODING_CATEGORY_MASK_ISO_7_ELSE;
1520 		  if (CHARSET_OK (CODING_CATEGORY_IDX_ISO_8_ELSE, charset, c))
1521 		    mask_found |= CODING_CATEGORY_MASK_ISO_8_ELSE;
1522 		  else
1523 		    mask &= ~CODING_CATEGORY_MASK_ISO_8_ELSE;

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Problem report #35  FALSE
  2006-04-11 15:49 Problem report #35 Dan Nicolaescu
@ 2006-04-14  1:39 ` Kenichi Handa
  0 siblings, 0 replies; 2+ messages in thread
From: Kenichi Handa @ 2006-04-14  1:39 UTC (permalink / raw)


In article <200604111549.k3BFnZsb015132@scanner2.ics.uci.edu>, Dan Nicolaescu <dann@ics.uci.edu> writes:

> CID: 35
> Checker: OVERRUN_STATIC (help)
> File: emacs/src/coding.c
> Function: detect_coding_iso2022
> Description: Overrun of static array "(((coding_system_table[2])->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"

This is the same case as Problem report #34.  This is not a bug.

---
Kenichi Handa
handa@m17n.org

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2006-04-14  1:39 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-11 15:49 Problem report #35 Dan Nicolaescu
2006-04-14  1:39 ` Problem report #35 FALSE Kenichi Handa

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).