martin/emacs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* image.c (cache_image): Check for size arithmetic overflow.

Browse Source
This commit is contained in:
Paul Eggert
2011-06-22 17:46:41 -07:00
parent 39019e5425
commit 7fcccf1efe
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ChangeLog
View File

@@ -1,3 +1,7 @@
2011-06-23 Paul Eggert <eggert@cs.ucla.edu>
* image.c (cache_image): Check for size arithmetic overflow.
2011-06-22 Paul Eggert <eggert@cs.ucla.edu>
* lread.c: Integer overflow issues.

2
src/image.c
View File

@@ -1836,6 +1836,8 @@ cache_image (struct frame *f, struct image *img)
/* If no free slot found, maybe enlarge c->images. */
if (i == c->used && c->used == c->size)
{
if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *c->images / 2 < c->size)
memory_full (SIZE_MAX);
c->size *= 2;
c->images = (struct image **) xrealloc (c->images,
c->size * sizeof *c->images);