From: Stefan Monnier
Newsgroups: gmane.emacs.devel
Subject: Re: [Emacs-diffs] master 5b5f441: read_key_sequence: correct the handling of raw_keybuf in recursive calls
Date: Mon, 20 Nov 2017 15:09:45 -0500
To: Alan Mackenzie
Cc: emacs-devel@gnu.org
In-Reply-To: <20171120195918.GB3917@ACM> (Alan Mackenzie's message of "Mon, 20 Nov 2017 19:59:18 +0000")

>> > /* Calling read_char with COMMANDFLAG = -2 avoids >> > redisplay in read_char and its subroutines. */ >> > key = read_char (prevent_redisplay ? -2 : NILP (prompt), >> > current_binding, last_nonmenu_event, >> > &used_mouse_menu, NULL); >> > + raw_keybuf_count = outer_raw_keybuf_count; >> > + raw_keybuf = outer_raw_keybuf;
>> But here I worry: what if `read_char` exits non-locally because of
>> a signal or a throw?
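
Review bot: the two added assignments after the read_char call put raw_keybuf_count and raw_keybuf back only when read_char returns normally; on any exit that does not come back through this statement, both lines are skipped and raw_keybuf keeps the value it had for the nested read. Register the restoration as an unwind handler before calling read_char so it runs on every exit path, and add a short comment above the two lines saying why the outer values are reinstated at this point.
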
> raw_keybuf{,_count} should then be re-initialised in command_loop_1 to
> the static buffer variables, just before the call to read_key_sequence.

But this `read_char` is within read_key_sequence: this read_key_sequence
may have been called from anywhere, so after we exit it (non-locally), we
may end up running arbitrary Elisp code before we return to
command_loop_1, can't we?

And during this time we'll have raw_keybuf pointing to an out-of-date
stack location, which seems eminently dangerous.

I think we need to set up an unwind protection of some kind.


        Stefan
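
The failure mode discussed in this message, as an added C model that is not Emacs source and not code from the thread: a global pointer is aimed at a stack buffer, the callee exits with longjmp, and only a registered unwind entry puts the pointer back. The helpers `protect_ptr`, `unwind_to`, `throw_to_toplevel`, `inner_read` and `restored_after` are hypothetical names; the real Emacs unwind mechanism is not shown here.

```c
#include <setjmp.h>

/* Simplified model, not Emacs source: every helper below is hypothetical. */
static int static_keybuf[30];
static int *raw_keybuf = static_keybuf;  /* global that may point into a stack frame */
static jmp_buf toplevel;                 /* target of the modelled throw or signal */

/* Tiny unwind stack: each entry remembers a pointer slot and its old value. */
struct unwind_entry { int **slot; int *saved; };
static struct unwind_entry unwind_stack[8];
static int unwind_depth;

static void protect_ptr(int **slot) {
    unwind_stack[unwind_depth++] = (struct unwind_entry){ slot, *slot };
}

static void unwind_to(int depth) {
    while (unwind_depth > depth) {
        struct unwind_entry e = unwind_stack[--unwind_depth];
        *e.slot = e.saved;
    }
}

/* Non-local exit: run pending unwind entries, then jump past all callers. */
static void throw_to_toplevel(void) { unwind_to(0); longjmp(toplevel, 1); }

/* Models a nested key read that points raw_keybuf at its own stack buffer. */
static void inner_read(int protect, int do_throw) {
    int local_buf[30] = {0};
    int *outer_raw_keybuf = raw_keybuf;
    int depth = unwind_depth;
    if (protect) protect_ptr(&raw_keybuf);
    raw_keybuf = local_buf;
    if (do_throw) throw_to_toplevel();   /* models read_char exiting non-locally */
    raw_keybuf = outer_raw_keybuf;       /* reached on normal return only */
    unwind_to(depth);
}

/* Returns 1 if raw_keybuf is back on the static buffer after the call. */
static int restored_after(int protect, int do_throw) {
    raw_keybuf = static_keybuf;
    unwind_depth = 0;
    if (setjmp(toplevel) == 0) inner_read(protect, do_throw);
    return raw_keybuf == static_keybuf;
}

/* Exit status 0 when only the protected variant survives the throw. */
int main(void) { return (!restored_after(0, 1) && restored_after(1, 1)) ? 0 : 1; }
```

In the unprotected throwing case the global is left holding the address of a dead stack frame, which is the window in which other code could read or write through it.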