* Problem report #34
@ 2006-04-09 7:00 Dan Nicolaescu
2006-04-10 1:45 ` Kenichi Handa
0 siblings, 1 reply; 4+ messages in thread
From: Dan Nicolaescu @ 2006-04-09 7:00 UTC (permalink / raw)
ERROR
CID: 34
Checker: OVERRUN_STATIC (help)
File: emacs/src/coding.c
Function: decode_coding_iso2022
Description: Overrun of static array "(((coding)->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"
At conditional (1): "(coding)->flags & 65536 == 0" taking false path
1995 if (! (coding->flags & CODING_FLAG_ISO_DESIGNATION))
1996 goto label_invalid_code;
At conditional (2): "src >= src_end" taking false path
At conditional (3): "0" taking false path
1997 ONE_MORE_BYTE (c1);
At conditional (4): "c1 >= 64" taking false path
1998 if (c1 >= '@' && c1 <= 'B')
1999 { /* designation of JISX0208.1978, GB2312.1980,
2000 or JISX0208.1980 */
2001 DECODE_DESIGNATION (0, 2, 94, c1);
2002 }
At conditional (5): "c1 >= 40" taking true path
At conditional (6): "c1 <= 43" taking false path
2003 else if (c1 >= 0x28 && c1 <= 0x2B)
2004 { /* designation of DIMENSION2_CHARS94 character set */
2005 ONE_MORE_BYTE (c2);
2006 DECODE_DESIGNATION (c1 - 0x28, 2, 94, c2);
2007 }
At conditional (7): "c1 >= 44" taking true path
At conditional (8): "c1 <= 47" taking true path
2008 else if (c1 >= 0x2C && c1 <= 0x2F)
2009 { /* designation of DIMENSION2_CHARS96 character set */
At conditional (9): "src >= src_end" taking false path
At conditional (10): "0" taking false path
2010 ONE_MORE_BYTE (c2);
Event overrun-local: Overrun of static array "(((coding)->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"
At conditional (11): "c2 < 48" taking false path
At conditional (12): "c2 >= 128" taking false path
At conditional (13): "charset == 0" taking false path
At conditional (14): "charset == 158" taking false path
At conditional (15): "charset == 128" taking false path
At conditional (16): "charset >= 0" taking true path
At conditional (17): "charset <= 254" taking false path
At conditional (18): "charset < 240" taking false path
At conditional (19): "((charset >= 0 && charset <= 254 && (Vcharset_table & -8)->contents[((charset == 0) ? 0 : ((charset + 128)))] != Qnil) ? ((((0), ((Vcharset_table & -8)->contents[((charset == 0) ? 0 : ((charset + 128)))] & -8))->contents[2] >> 3 == 1) ? 1 : (0)) : (((charset < 240) ? 1 : (0)))) != 0" taking false path
At conditional (20): "charset < 240" taking false path
At conditional (21): "charset >= 0" taking true path
2011 DECODE_DESIGNATION (c1 - 0x2C, 2, 96, c2);
2012 }
2013 else
2014 goto label_invalid_code;
2015 /* We must update these variables now. */
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: Problem report #34
2006-04-09 7:00 Problem report #34 Dan Nicolaescu
@ 2006-04-10 1:45 ` Kenichi Handa
2006-04-10 6:39 ` Ken Raeburn
0 siblings, 1 reply; 4+ messages in thread
From: Kenichi Handa @ 2006-04-10 1:45 UTC (permalink / raw)
In article <200604090700.k397038g005571@scanner2.ics.uci.edu>, Dan Nicolaescu <dann@ics.uci.edu> writes:
> ERROR
> CID: 34
> Checker: OVERRUN_STATIC (help)
> File: emacs/src/coding.c
> Function: decode_coding_iso2022
> Description: Overrun of static array "(((coding)->spec).iso2022).requested_designation" of size 255 at position 255 with index variable "charset"
As it is assured that "charset <= 255", this is not an error.
---
Kenichi Handa
handa@m17n.org
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Problem report #34
2006-04-10 1:45 ` Kenichi Handa
@ 2006-04-10 6:39 ` Ken Raeburn
2006-04-10 6:52 ` Kenichi Handa
0 siblings, 1 reply; 4+ messages in thread
From: Ken Raeburn @ 2006-04-10 6:39 UTC (permalink / raw)
Cc: emacs-devel
On Apr 9, 2006, at 21:45, Kenichi Handa wrote:
> In article <200604090700.k397038g005571@scanner2.ics.uci.edu>, Dan
> Nicolaescu <dann@ics.uci.edu> writes:
>
>> ERROR
>> CID: 34
>> Checker: OVERRUN_STATIC (help)
>> File: emacs/src/coding.c
>> Function: decode_coding_iso2022
>> Description: Overrun of static array "(((coding)-
>> >spec).iso2022).requested_designation" of size 255 at position 255
>> with index variable "charset"
>
> As it is assured that "charset <= 255", this is not an error.
But requested_designation only has 255 elements -- indices 0 through
254.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Problem report #34
2006-04-10 6:39 ` Ken Raeburn
@ 2006-04-10 6:52 ` Kenichi Handa
0 siblings, 0 replies; 4+ messages in thread
From: Kenichi Handa @ 2006-04-10 6:52 UTC (permalink / raw)
Cc: emacs-devel
In article <7274DD0D-375F-4B01-B77C-91FC03399B9A@raeburn.org>, Ken Raeburn <raeburn@raeburn.org> writes:
>>> Description: Overrun of static array "(((coding)-
>>> >spec).iso2022).requested_designation" of size 255 at position 255
>>> with index variable "charset"
>>
>> As it is assured that "charset <= 255", this is not an error.
> But requested_designation only has 255 elements -- indices 0 through
> 254.
Oops, it was my typo. It is assured that "charset <= 254".
In charset.h, we have this definition.
/* Maximum value of overall charset identification number. */
#define MAX_CHARSET 0xFE
---
Kenichi Handa
handa@m17n.org
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2006-04-10 6:52 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-09 7:00 Problem report #34 Dan Nicolaescu
2006-04-10 1:45 ` Kenichi Handa
2006-04-10 6:39 ` Ken Raeburn
2006-04-10 6:52 ` Kenichi Handa
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).