From: Paul Eggert Date: Fri, 29 Jul 2011 05:27:47 +0000 (-0700) Subject: Alphabetize the long ChangeLog entry. X-Git-Tag: emacs-pretest-24.0.90~104^2~152^2~90 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=726e0ab18e84ce0df6b9dc1612bf4d92b9d1e52a;p=emacs.git Alphabetize the long ChangeLog entry. --- diff --git a/src/ChangeLog b/src/ChangeLog index b005b461ed4..1796455e557 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,17 +1,188 @@ 2011-07-29 Paul Eggert - * xterm.c: Integer and memory overflow issues. - (x_color_cells, handle_one_xevent, x_term_init): + Integer and memory overflow issues. + + * bidi.c (bidi_shelve_header_size): New constant. + (bidi_cache_ensure_space, bidi_shelve_cache): Use it. + (bidi_cache_ensure_space): Avoid integer overflow when allocating. + + * buffer.c (overlays_at, overlays_in, record_overlay_string) + (overlay_strings): + Don't update size of array until after memory allocation succeeds, + because xmalloc/xrealloc may not return. + + * callproc.c (child_setup): Don't assume strlen fits in int. + + * ccl.c (Fccl_execute_on_string): Check for memory overflow. + Use ptrdiff_t rather than EMACS_INT where ptrdiff_t will do. + Redo buffer-overflow calculations to avoid integer overflow. + + * character.c (Fstring): Check for size-calculation overflow. + + * coding.c (produce_chars): Redo buffer-overflow calculations to avoid + unnecessary integer overflow. Check for size overflow. + (encode_coding_object): Don't update size until xmalloc succeeds. + + * composite.c (get_composition_id): Check for overflow in glyph + length calculations. + + Integer and memory overflow fixes for display code. + * dispextern.h (struct glyph_pool.nglyphs): Now ptrdiff_t, not int. + * dispnew.c (adjust_glyph_matrix, realloc_glyph_pool) + (scrolling_window): Check for overflow in size calculations. + (line_draw_cost, realloc_glyph_pool, add_row_entry): + Don't assume glyph table len fits in int. + (struct row_entry.bucket, row_entry_pool_size, row_entry_idx) + (row_table_size): Now ptrdiff_t, not int. + (scrolling_window): Avoid overflow in size calculations. + Don't update size until allocation succeeds. + * fns.c (concat): Check for overflow in size calculations. + (next_almost_prime): Verify NEXT_ALMOST_PRIME_LIMIT. + * lisp.h (RANGED_INTEGERP, TYPE_RANGED_INTEGERP): New macros. + (NEXT_ALMOST_PRIME_LIMIT): New constant. + + * doc.c (get_doc_string_buffer_size): Now ptrdiff_t, not int. + (get_doc_string): Check for size calculation overflow. + Don't update size until allocation succeeds. + (get_doc_string, Fsubstitute_command_keys): Use ptrdiff_t, not + EMACS_INT, where ptrdiff_t will do. + (Fsubstitute_command_keys): Check for string overflow. + + * editfns.c (set_time_zone_rule): Don't assume environment length + fits in int. + (message_length): Now ptrdiff_t, not int. + (Fmessage_box): Don't update size until allocation succeeds. + Don't assume message length fits in int. + (Fformat): Use ptrdiff_t, not EMACS_INT, where ptrdiff_t will do. + + * emacs.c (main, sort_args): Check for size-calculation overflow. + + * eval.c (init_eval_once, grow_specpdl): Don't update size until + alloc succeeds. + (call_debugger, grow_specpdl): Redo calculations to avoid overflow. + + * frame.c (set_menu_bar_lines, x_set_frame_parameters) + (x_set_scroll_bar_width, x_figure_window_size): + Check for integer overflow. + (x_set_alpha): Do not assume XINT fits in int. + + * frame.h (struct frame): Use int, not EMACS_INT, where int works. + This is for the members text_lines, text_cols, total_lines, total_cols, + where the system imposes an 'int' limit. + + * fringe.c (Fdefine_fringe_bitmap): + Don't update size until alloc works. + + * ftfont.c (ftfont_get_open_type_spec, setup_otf_gstring) + (ftfont_shape_by_flt): Check for integer overflow in size calculations. + + * gtkutil.c (get_utf8_string, xg_store_widget_in_map): + Check for size-calculation overflow. + (get_utf8_string): Use ptrdiff_t, not size_t, where either will + do, as we prefer signed integers. + (id_to_widget.max_size, id_to_widget.used) + (xg_store_widget_in_map, xg_remove_widget_from_map) + (xg_get_widget_from_map, xg_get_scroll_id_for_window) + (xg_remove_scroll_bar, xg_update_scrollbar_pos): + Use and return ptrdiff_t, not int. + (xg_gtk_scroll_destroy): Don't assume ptrdiff_t fits in int. + * gtkutil.h: Change prototypes to match the above. + + * image.c (RANGED_INTEGERP, TYPE_RANGED_INTEGERP): Remove; these + are duplicate now that they've been promoted to lisp.h. + (x_allocate_bitmap_record, x_alloc_image_color) + (make_image_cache, cache_image, xpm_load): + Don't update size until alloc is done. + (xpm_load, lookup_rgb_color, lookup_pixel_color, x_to_xcolors) + (x_detect_edges): Check for size calculation overflow. - (x_color_cells): Don't store size until memory allocation succeeds. - (handle_one_xevent): Use ptrdiff_t, not int, for byte counts. - (x_term_init): Don't assume length fits in int (sprintf is limited - to int size). + (ct_colors_allocated_max): New constant. + (x_to_xcolors, x_detect_edges): Reorder multiplicands to avoid + overflow. - * xsmfns.c (smc_save_yourself_CB): Check for size calc overflow. + * keyboard.c (read_char, menu_bar_items, tool_bar_items) + (read_char_x_menu_prompt, read_char_minibuf_menu_width) + (read_char_minibuf_menu_prompt, follow_key, read_key_sequence): + Use ptrdiff_t, not int, to count maps. + (read_char_minibuf_menu_prompt): Check for overflow in size + calculations. Don't update size until allocation succeeds. Redo + calculations to avoid overflow. + * keyboard.h: Change prototypes to match the above. + + * keymap.c (cmm_size, current_minor_maps): Use ptrdiff_t, not int, + to count maps. + (current_minor_maps): Check for size calculation overflow. + * keymap.h: Change prototypes to match the above. + + * lread.c (read1, init_obarray): Don't update size until alloc done. + + * macros.c (Fstart_kbd_macro): Don't update size until alloc done. + (store_kbd_macro_char): Reorder multiplicands to avoid overflow. + + * minibuf.c (read_minibuf_noninteractive): Don't leak memory + on memory overflow. + + * nsterm.h (struct ns_color_table.size, struct ns_color_table.avail): + Now ptrdiff_t, not int. + * nsterm.m (ns_index_color): Use ptrdiff_t, not int, for table indexes. + (ns_draw_fringe_bitmap): Rewrite to avoid overflow. + + * process.c (Fnetwork_interface_list): Check for overflow + in size calculation. + + * region-cache.c (move_cache_gap): Check for size calculation overflow. + + * scroll.c (do_line_insertion_deletion_costs): Check for size calc + overflow. Don't bother calling xmalloc when xrealloc will do. + + * search.c (Freplace_match): Check for size calculation overflow. + (Fset_match_data): Don't assume list lengths fit in 'int'. + + * sysdep.c (system_process_attributes): Use ptrdiff_t, not int, + for command line length. Do not attempt to address one before the + beginning of an array, as that's not portable. + + * term.c (max_frame_lines): Remove; unused. + (encode_terminal_src_size, encode_terminal_dst_size): Now ptrdiff_t, + not int. + (encode_terminal_code, calculate_costs): Check for size + calculation overflow. + (encode_terminal_code): Use ptrdiff_t, not int, to record glyph + table lengths and related sizes. Don't update size until alloc + done. Redo calculations to avoid overflow. + (calculate_costs): Don't bother calling xmalloc when xrealloc will do. + + * termcap.c (tgetent): Use ptrdiff_t, not int, to record results of + subtracting pointers. + (gobble_line): Check for overflow more carefully. Don't update size + until alloc done. + + * tparam.c (tparam1): Use ptrdiff_t, not int, for sizes. + Don't update size until alloc done. + Redo size calculations to avoid overflow. + Check for size calculation overflow. + + * xdisp.c (store_mode_line_noprop_char, x_consider_frame_title): + Use ptrdiff_t, not int, for sizes. + (store_mode_line_noprop_char): Don't update size until alloc done. + + * xfaces.c (Finternal_make_lisp_face): Use ptrdiff_t, not int, for + sizes. Check for size calculation overflow. + (cache_face): Do not overflow in size calculation. + + * xfns.c (x_encode_text, x_set_name_internal) + (Fx_change_window_property): Use ptrdiff_t, not int, to count + sizes, since they can exceed INT_MAX in size. Check for size + calculation overflow. + + * xgselect.c (xg_select): Check for size calculation overflow. + Don't update size until alloc done. + + * xrdb.c (magic_file_p): Plug memory leak on size overflow. + (get_environ_db): Don't assume path length fits in int, + as sprintf is limited to int lengths. - * xselect.c: Integer and memory overflow issues. - (X_LONG_SIZE, X_USHRT_MAX, X_ULONG_MAX): New macros. + * xselect.c (X_LONG_SIZE, X_USHRT_MAX, X_ULONG_MAX): New macros. Use them to make the following changes clearer. (MAX_SELECTION_QUANTUM): Make the other bounds on this value clearer. This change doesn't affect the value now, but it may help remind @@ -56,203 +227,14 @@ a wider type due to X limits. (x_handle_dnd_message): Use unsigned int, to avoid int overflow. - * xrdb.c: Integer and memory overflow issues. - (magic_file_p): Plug memory leak on size overflow. - (get_environ_db): Don't assume path length fits in int, - as sprintf is limited to int lengths. - - * xgselect.c (xg_select): Check for size calculation overflow. - Don't update size until alloc done. - - * xfns.c: Integer and memory overflow fixes. - (x_encode_text, x_set_name_internal, Fx_change_window_property): - Use ptrdiff_t, not int, to count sizes, since they can exceed - INT_MAX in size. Check for size calculation overflow. - - * xfaces.c: Integer and memory overflow fixes. - (Finternal_make_lisp_face): Use ptrdiff_t, not int, for sizes. - Check for size calculation overflow. - (cache_face): Do not overflow in size calculation. - - * xdisp.c: Integer and memory overflow fixes. - (store_mode_line_noprop_char, x_consider_frame_title): - Use ptrdiff_t, not int, for sizes. - (store_mode_line_noprop_char): Don't update size until alloc done. - - * tparam.c: Integer and memory overflow fixes. - (tparam1): Use ptrdiff_t, not int, for sizes. - Don't update size until alloc done. - Redo size calculations to avoid overflow. - Check for size calculation overflow. - - * termcap.c: Integer and memory overflow issues. - (tgetent): Use ptrdiff_t, not int, to record results of - subtracting pointers. - (gobble_line): Check for overflow more carefully. Don't update size - until alloc done. - - * term.c: Integer and memory overflow issues. - (max_frame_lines): Remove; unused. - (encode_terminal_src_size, encode_terminal_dst_size): Now ptrdiff_t, - not int. - (encode_terminal_code, calculate_costs): Check for size - calculation overflow. - (encode_terminal_code): Use ptrdiff_t, not int, to record glyph - table lengths and related sizes. Don't update size until alloc - done. Redo calculations to avoid overflow. - (calculate_costs): Don't bother calling xmalloc when xrealloc will do. - - * sysdep.c: Integer and memory overflow issues. - (system_process_attributes): Use ptrdiff_t, not int, for command - line length. Do not attempt to address one before the beginning - of an array, as that's not portable. - - * search.c: Integer and memory overflow fixes. - (Freplace_match): Check for size calculation overflow. - (Fset_match_data): Don't assume list lengths fit in 'int'. - - * scroll.c: Integer and memory overflow fixes. - (do_line_insertion_deletion_costs): Check for size calculation overflow. - Don't bother calling xmalloc when xrealloc will do. - - * region-cache.c (move_cache_gap): Check for size calculation overflow. - - * process.c (Fnetwork_interface_list): Check for overflow - in size calculation. - - * nsterm.h (struct ns_color_table.size, struct ns_color_table.avail): - Now ptrdiff_t, not int. - * nsterm.m (ns_index_color): Use ptrdiff_t, not int, for table indexes. - (ns_draw_fringe_bitmap): Rewrite to avoid overflow. - - * minibuf.c (read_minibuf_noninteractive): Don't leak memory - on memory overflow. - - * macros.c: Integer and memory overflow fixes. - (Fstart_kbd_macro): Don't update size until alloc done. - (store_kbd_macro_char): Reorder multiplicands to avoid overflow. - - * lread.c (read1, init_obarray): Don't update size until alloc done. - - * keymap.c: Integer overflow fixes. - (cmm_size, current_minor_maps): Use ptrdiff_t, not int, to count maps. - (current_minor_maps): Check for size calculation overflow. - * keymap.h: Change prototypes to match the above. - - * keyboard.c: Integer and memory overflow fixes. - (read_char, menu_bar_items, tool_bar_items, read_char_x_menu_prompt) - (read_char_minibuf_menu_width, read_char_minibuf_menu_prompt) - (follow_key, read_key_sequence): Use ptrdiff_t, not int, to count maps. - (read_char_minibuf_menu_prompt): Check for overflow in size - calculations. Don't update size until allocation succeeds. Redo - calculations to avoid overflow. - * keyboard.h: Change prototypes to match the above. + * xsmfns.c (smc_save_yourself_CB): Check for size calc overflow. - * image.c: Integer and memory overflow fixes. - (RANGED_INTEGERP, TYPE_RANGED_INTEGERP): Remove; these are duplicate - now that they've been promoted to lisp.h. - (x_allocate_bitmap_record, x_alloc_image_color) - (make_image_cache, cache_image, xpm_load): - Don't update size until alloc is done. - (xpm_load, lookup_rgb_color, lookup_pixel_color, x_to_xcolors) - (x_detect_edges): + * xterm.c (x_color_cells, handle_one_xevent, x_term_init): Check for size calculation overflow. - (ct_colors_allocated_max): New constant. - (x_to_xcolors, x_detect_edges): Reorder multiplicands to avoid - overflow. - -2011-07-28 Paul Eggert - - * gtkutil.c: Integer overflow fixes. - (get_utf8_string, xg_store_widget_in_map): - Check for size-calculation overflow. - (get_utf8_string): Use ptrdiff_t, not size_t, where either will - do, as we prefer signed integers. - (id_to_widget.max_size, id_to_widget.used) - (xg_store_widget_in_map, xg_remove_widget_from_map) - (xg_get_widget_from_map, xg_get_scroll_id_for_window) - (xg_remove_scroll_bar, xg_update_scrollbar_pos): - Use and return ptrdiff_t, not int. - (xg_gtk_scroll_destroy): Don't assume ptrdiff_t fits in int. - * gtkutil.h: Change prototypes to match the above. - - * ftfont.c: Check for size overflow. - (ftfont_get_open_type_spec, setup_otf_gstring, ftfont_shape_by_flt): - Check for integer overflow in size calculations. - - * fringe.c (Fdefine_fringe_bitmap): Don't update size until alloc works. - - * frame.h (struct frame): Use int, not EMACS_INT, where int works. - This is for the members text_lines, text_cols, total_lines, total_cols, - where the system imposes an 'int' limit. - - * frame.c: Integer overflow fixes. - (set_menu_bar_lines, x_set_frame_parameters, x_set_scroll_bar_width) - (x_figure_window_size): Check for integer overflow. - (x_set_alpha): Do not assume XINT fits in int. - - * eval.c: Integer and memory overflow fixes. - (init_eval_once, grow_specpdl): Don't update size until alloc succeeds. - (call_debugger, grow_specpdl): Redo calculations to avoid overflow. - - * emacs.c (main, sort_args): Check for size-calculation overflow. - - * editfns.c: Integer and memory overflow fixes. - (set_time_zone_rule): Don't assume environment length fits in int. - (message_length): Now ptrdiff_t, not int. - (Fmessage_box): Don't update size until allocation succeeds. - Don't assume message length fits in int. - (Fformat): Use ptrdiff_t, not EMACS_INT, where ptrdiff_t will do. - - * doc.c: Integer and memory overflow fixes. - (get_doc_string_buffer_size): Now ptrdiff_t, not int. - (get_doc_string): Check for size calculation overflow. - Don't update size until allocation succeeds. - (get_doc_string, Fsubstitute_command_keys): Use ptrdiff_t, not - EMACS_INT, where ptrdiff_t will do. - (Fsubstitute_command_keys): Check for string overflow. - - Integer and memory overflow fixes for display code. - * dispextern.h (struct glyph_pool.nglyphs): Now ptrdiff_t, not int. - * dispnew.c (adjust_glyph_matrix, realloc_glyph_pool, scrolling_window): - Check for overflow in size calculations. - (line_draw_cost, realloc_glyph_pool, add_row_entry): - Don't assume glyph table len fits in int. - (struct row_entry.bucket, row_entry_pool_size, row_entry_idx) - (row_table_size): Now ptrdiff_t, not int. - (scrolling_window): Avoid overflow in size calculations. - Don't update size until allocation succeeds. - * fns.c (concat): Check for overflow in size calculations. - (next_almost_prime): Verify NEXT_ALMOST_PRIME_LIMIT. - * lisp.h (RANGED_INTEGERP, TYPE_RANGED_INTEGERP): New macros. - (NEXT_ALMOST_PRIME_LIMIT): New constant. - - * composite.c: Integer overflow fixes. - (get_composition_id): Check for overflow in glyph length calculations. - - * coding.c: Integer and memory overflow fixes. - (produce_chars): Redo buffer-overflow calculations to avoid - unnecessary integer overflow. Check for size overflow. - (encode_coding_object): Don't update size until xmalloc succeeds. - - * character.c (Fstring): Check for size-calculation overflow. - - * ccl.c: Integer and memory overflow fixes. - (Fccl_execute_on_string): Check for memory overflow. - Use ptrdiff_t rather than EMACS_INT where ptrdiff_t will do. - Redo buffer-overflow calculations to avoid integer overflow. - - * callproc.c (child_setup): Don't assume strlen fits in int. - - * buffer.c: Memory overflow fixes. - (overlays_at, overlays_in, record_overlay_string, overlay_strings): - Don't update size of array until after memory allocation succeeds, - because xmalloc/xrealloc may not return. - - * bidi.c: Integer overflow fix. - (bidi_shelve_header_size): New constant. - (bidi_cache_ensure_space, bidi_shelve_cache): Use it. - (bidi_cache_ensure_space): Avoid integer overflow when allocating. + (x_color_cells): Don't store size until memory allocation succeeds. + (handle_one_xevent): Use ptrdiff_t, not int, for byte counts. + (x_term_init): Don't assume length fits in int (sprintf is limited + to int size). 2011-07-19 Paul Eggert