2011-07-29 Paul Eggert <eggert@cs.ucla.edu>
+ * sysdep.c: Integer and memory overflow issues.
+ (system_process_attributes): Use ptrdiff_t, not int, for command
+ line length. Do not attempt to address one before the beginning
+ of an array, as that's not portable.
+
* search.c: Integer and memory overflow fixes.
(Freplace_match): Check for size calculation overflow.
(Fset_match_data): Don't assume list lengths fit in 'int'.
ssize_t nread;
const char *cmd = NULL;
char *cmdline = NULL;
- size_t cmdsize = 0, cmdline_size;
+ ptrdiff_t cmdsize = 0, cmdline_size;
unsigned char c;
int proc_id, ppid, uid, gid, pgrp, sess, tty, tpgid, thcount;
unsigned long long u_time, s_time, cutime, cstime, start;
if (fd >= 0)
{
char ch;
- for (cmdline_size = 0; emacs_read (fd, &ch, 1) == 1; cmdline_size++)
+ for (cmdline_size = 0; cmdline_size < STRING_BYTES_BOUND; cmdline_size++)
{
+ if (emacs_read (fd, &ch, 1) != 1)
+ break;
c = ch;
if (isspace (c) || c == '\\')
cmdline_size++; /* for later quoting, see below */
nread = 0;
}
/* We don't want trailing null characters. */
- for (p = cmdline + nread - 1; p > cmdline && !*p; p--)
+ for (p = cmdline + nread; p > cmdline + 1 && !p[-1]; p--)
nread--;
for (p = cmdline; p < cmdline + nread; p++)
{
projects / emacs.git / commitdiff