From: Po Lu via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: "Gerd Möllmann" <gerd.moellmann@gmail.com>
Cc: 58334@debbugs.gnu.org, Eli Zaretskii <eliz@gnu.org>
Subject: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Date: Fri, 07 Oct 2022 20:12:58 +0800 [thread overview]
Message-ID: <87mta7q1bp.fsf@yahoo.com> (raw)
In-Reply-To: <5481395d-f7d1-8b9f-59d5-f681c113f6dd@gmail.com> ("Gerd Möllmann"'s message of "Fri, 7 Oct 2022 14:08:02 +0200")
Gerd Möllmann <gerd.moellmann@gmail.com> writes:
> int count = inhibit_garbahe_collection ();
> redisplay ();
> unbind_to...
Why would you only inhibit garbage collection there? What if some
finalizer function calls preedit text inside process_pending_signals?
Also, what about where we decode X preconversion text?
In the recent past, Emacs also used to run Lisp as part of the character
conversion of keyboard input, straight from handle_one_xevent:
if (nchars < nbytes)
{
/* Decode the input data. */
/* The input should be decoded with `coding_system'
which depends on which X*LookupString function
we used just above and the locale. */
setup_coding_system (coding_system, &coding);
coding.src_multibyte = false;
coding.dst_multibyte = true;
/* The input is converted to events, thus we can't
handle composition. Anyway, there's no XIM that
gives us composition information. */
coding.common_flags &= ~CODING_ANNOTATION_MASK;
SAFE_NALLOCA (coding.destination, MAX_MULTIBYTE_LENGTH,
nbytes);
coding.dst_bytes = MAX_MULTIBYTE_LENGTH * nbytes;
coding.mode |= CODING_MODE_LAST_BLOCK;
decode_coding_c_string (&coding, copy_bufptr, nbytes, Qnil);
nbytes = coding.produced;
nchars = coding.produced_char;
copy_bufptr = coding.destination;
}
How come that never caused problems?
Thanks.
next prev parent reply other threads:[~2022-10-07 12:12 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-06 15:03 bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs Gerd Möllmann
2022-10-06 16:00 ` Eli Zaretskii
2022-10-06 18:01 ` Gerd Möllmann
2022-10-06 18:30 ` Eli Zaretskii
2022-10-06 18:36 ` Gerd Möllmann
2022-10-07 12:01 ` Eli Zaretskii
2022-10-07 12:03 ` Gerd Möllmann
2022-10-07 12:06 ` Eli Zaretskii
2022-10-07 12:08 ` Gerd Möllmann
2022-10-07 12:12 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors [this message]
2022-10-07 12:16 ` Eli Zaretskii
2022-10-07 12:23 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 12:14 ` Eli Zaretskii
2022-10-07 12:34 ` Gerd Möllmann
2022-10-07 0:37 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 5:06 ` Gerd Möllmann
2022-10-07 7:12 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 7:20 ` Gerd Möllmann
2022-10-07 0:46 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 5:23 ` Gerd Möllmann
2022-10-07 7:03 ` Eli Zaretskii
2022-10-07 7:20 ` Gerd Möllmann
2022-10-07 8:07 ` Gerd Möllmann
2022-10-07 8:36 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 8:54 ` Gerd Möllmann
2022-10-07 10:28 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 11:11 ` Gerd Möllmann
2022-10-07 11:19 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 11:34 ` Eli Zaretskii
2022-10-07 11:38 ` Gerd Möllmann
2022-10-07 11:29 ` Eli Zaretskii
2022-10-07 12:16 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 12:27 ` Eli Zaretskii
2022-10-07 11:19 ` Eli Zaretskii
2022-10-07 11:34 ` Gerd Möllmann
2022-10-07 11:13 ` Eli Zaretskii
2022-10-07 11:08 ` Eli Zaretskii
2022-10-07 11:29 ` Gerd Möllmann
2022-10-07 11:44 ` Eli Zaretskii
2022-10-07 12:01 ` Gerd Möllmann
2022-10-07 12:05 ` Eli Zaretskii
2022-10-07 12:14 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 12:17 ` Gerd Möllmann
2022-10-07 12:22 ` Po Lu via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 12:36 ` Gerd Möllmann
2022-10-08 6:58 ` Gerd Möllmann
2022-10-08 7:59 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87mta7q1bp.fsf@yahoo.com \
--to=bug-gnu-emacs@gnu.org \
--cc=58334@debbugs.gnu.org \
--cc=eliz@gnu.org \
--cc=gerd.moellmann@gmail.com \
--cc=luangruo@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.