Add assertion to guard 'read' calls on MS-Windows

* src/sysdep.c (emacs_intr_read): Assert that NBYTES never overflows a 32-bit int.
2018-02-20 05:58:58 +02:00
parent 071a0a5712
commit 3d42272754
1 changed files with 8 additions and 0 deletions
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -2566,6 +2566,14 @@ emacs_intr_read (int fd, void *buf, ptrdiff_t nbyte, bool interruptible)

  /* There is no need to check against MAX_RW_COUNT, since no caller ever
     passes a size that large to emacs_read.  */
+#ifdef WINDOWSNT
+  /* On MS-Windows, 'read's last argument is declared as 'unsigned
+     int', and the return value's type (see 'sys_read') is 'int'.
+     This might cause trouble, especially in 64-bit builds, if the
+     above comment ever becomes incorrect.  The following assertion
+     should make us more future-proof.  */
+  eassert (nbyte <= INT_MAX);
+#endif
  do
    {
      if (interruptible)