From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 29 Jul 2011 05:09:32 +0000 (-0700)
Subject: * xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.
X-Git-Tag: emacs-pretest-24.0.90~104^2~152^2~92
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=1d526e2f33eb2615944717c9231bc1d27aef1117;p=emacs.git

* xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.
---

diff --git a/src/ChangeLog b/src/ChangeLog
index f8e5ca78b33..1f288a48f2f 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,7 @@
 2011-07-29  Paul Eggert  <eggert@cs.ucla.edu>
 
+	* xsmfns.c (smc_save_yourself_CB): Check for size calc overflow.
+
 	* xselect.c: Integer and memory overflow issues.
 	(X_LONG_SIZE, X_USHRT_MAX, X_ULONG_MAX): New macros.
 	Use them to make the following changes clearer.
diff --git a/src/xsmfns.c b/src/xsmfns.c
index cb56ae648d1..217087dbae7 100644
--- a/src/xsmfns.c
+++ b/src/xsmfns.c
@@ -223,6 +223,9 @@ smc_save_yourself_CB (SmcConn smcConn,
   props[props_idx]->name = xstrdup (SmRestartCommand);
   props[props_idx]->type = xstrdup (SmLISTofARRAY8);
   /* /path/to/emacs, --smid=xxx --no-splash --chdir=dir ... */
+  if (min (INT_MAX, min (PTRDIFF_MAX, SIZE_MAX) / sizeof *vp) - 3
+      < initial_argc)
+    memory_full (SIZE_MAX);
   i = 3 + initial_argc;
   props[props_idx]->num_vals = i;
   vp = (SmPropValue *) xmalloc (i * sizeof(*vp));