Re: PATCH: fix for memory corruption and eventual crash in print.c

all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: YAMAMOTO Mitsuharu <mituharu@math.s.chiba-u.ac.jp>
To: "Ami Fischman" <ami@fischman.org>
Cc: emacs-devel@gnu.org
Subject: Re: PATCH: fix for memory corruption and eventual crash in print.c
Date: Sun, 06 Jul 2008 16:45:04 +0900	[thread overview]
Message-ID: <wl8wwflam7.wl%mituharu@math.s.chiba-u.ac.jp> (raw)
In-Reply-To: <b5a678470807052111i6bb3b283q1c931d2529ed4e0a@mail.gmail.com>

>>>>> On Sat, 5 Jul 2008 21:11:14 -0700, "Ami Fischman" <ami@fischman.org> said:

> src/print.c:print_object() has this code:

>    1570       if (NILP (Vprint_circle) && NILP (Vprint_gensym))
> [...]
>    1581           being_printed[print_depth] = obj;
> [...]
>    1611   print_depth++;
>    1612
>    1613   /* See similar code in print_preprocess.  */
>    1614   if (print_depth > PRINT_CIRCLE)
>    1615     error ("Apparently circular structure being printed");

> Note that being_printed[print_depth] is assigned to /before/ print_depth is
> checked for exceeding PRINT_CIRCLE (the declared size of being_printed).

This reminds me of a similar buffer overrun that had existed in
`print_preprocess' also with respect to `being_printed'.

  http://lists.gnu.org/archive/html/emacs-devel/2004-07/msg00146.html

I think a fix for `print_object' should go to the EMACS_22_BASE branch
as well as the trunk so it may not be missed.  Another candidate for
the inclusion to the EMACS_22_BASE branch would be the PNG background
color bit-depth fix below:

2008-05-09  Chong Yidong  <cyd@stupidchicken.com>

	* image.c (png_load): Use correct bit-depth for setting background
	color.

				     YAMAMOTO Mitsuharu
				mituharu@math.s.chiba-u.ac.jp

next prev parent reply	other threads:[~2008-07-06  7:45 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-07-06  4:11 PATCH: fix for memory corruption and eventual crash in print.c Ami Fischman
2008-07-06  7:45 ` YAMAMOTO Mitsuharu [this message]
2008-07-06 13:51   ` Chong Yidong
2008-07-07 10:03     ` YAMAMOTO Mitsuharu
2008-07-07 13:56       ` Chong Yidong
2008-07-21  5:06 ` Chong Yidong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=wl8wwflam7.wl%mituharu@math.s.chiba-u.ac.jp \
    --to=mituharu@math.s.chiba-u.ac.jp \
    --cc=ami@fischman.org \
    --cc=emacs-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.