From da64016efd7b728fa840ac01acef1456197850e0 Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Mon, 4 Jul 2011 00:44:38 -0700
Subject: [PATCH] * editfns.c (Fformat_time_string): Don't assume strlen fits in int. Report string overflow if the output is too long.
---
 src/ChangeLog | 5 +++++
 src/editfns.c | 10 +++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index f861e8ed5f7..4ea54141142 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2011-07-04 Paul Eggert
+
+ * editfns.c (Fformat_time_string): Don't assume strlen fits in int.
+ Report string overflow if the output is too long.
+
 2011-07-04 Juanma Barranquero
 * gnutls.c (Fgnutls_boot): Don't mention :verify-error.
diff --git a/src/editfns.c b/src/editfns.c
index c470c9be985..bb36d0dee71 100644
--- a/src/editfns.c
+++ b/src/editfns.c
@@ -1700,7 +1700,7 @@ For example, to produce full ISO 8601 format, use "%Y-%m-%dT%T%z". */)
 (Lisp_Object format_string, Lisp_Object timeval, Lisp_Object universal)
 {
 time_t value;
- int size;
+ ptrdiff_t size;
 int usec;
 int ns;
 struct tm *tm;
@@ -1717,7 +1717,9 @@ For example, to produce full ISO 8601 format, use "%Y-%m-%dT%T%z". */)
 Vlocale_coding_system, 1);
 /* This is probably enough. */
- size = SBYTES (format_string) * 6 + 50;
+ size = SBYTES (format_string);
+ if (size <= (STRING_BYTES_BOUND - 50) / 6)
+ size = size * 6 + 50;
 BLOCK_INPUT;
 tm = ut ? gmtime (&value) : localtime (&value);
@@ -1730,7 +1732,7 @@ For example, to produce full ISO 8601 format, use "%Y-%m-%dT%T%z". */)
 while (1)
 {
 char *buf = (char *) alloca (size + 1);
- int result;
+ size_t result;
 buf[0] = '\1';
 BLOCK_INPUT;
@@ -1749,6 +1751,8 @@ For example, to produce full ISO 8601 format, use "%Y-%m-%dT%T%z". */)
 SBYTES (format_string), tm, ut, ns);
 UNBLOCK_INPUT;
+ if (STRING_BYTES_BOUND <= result)
+ string_overflow ();
 size = result + 1;
 }
 }
--
2.39.2
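Review bot: In the `@@ -1717` hunk of src/editfns.c, a format string longer than `(STRING_BYTES_BOUND - 50) / 6` bytes now leaves `size` at its full byte length, and that value goes straight to `alloca (size + 1)` in the loop shown in the `@@ -1730` hunk; the retry path in the `@@ -1749` hunk likewise accepts any `result` below `STRING_BYTES_BOUND` before looping back to allocate again. The integer overflow is handled, but a stack allocation sized by caller-supplied data can exhaust the C stack long before the string bound is reached, and every retry adds another allocation that lives until the function returns. Consider capping the stack path and using the heap for larger sizes, for example with the tree's `USE_SAFE_ALLOCA` / `SAFE_ALLOCA` / `SAFE_FREE` helpers if they are usable in this function. The function starts before these hunks and its return path lies between them, so where the matching free would go cannot be seen from here.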
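Review bot: With `result` changed to `size_t` in the `@@ -1730` hunk while `size` is now `ptrdiff_t`, any comparison between the two in the lines elided before the `@@ -1749` hunk is carried out in unsigned arithmetic, and a test such as `result < 0` would silently become always false. Those lines are not part of the patch, so this cannot be confirmed from here and is worth checking against the full function. If the type was chosen to match the formatter's return type, a short comment on the declaration such as `/* size_t, matching the return type of the formatting call. */` would record that.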