CVS update by aidan xemacs/src ...

Wed Aug 22 11:10:36 EDT 2007

User: aidan   
  Date: 07/08/22 17:10:36

  Modified:    xemacs/src ChangeLog dumper.c text.h
Log:
Patch from Nix; fix buffer overrun in pdump_load()
See

87y7r4lzwf.fsf at hades.wkstn.nix , also

http://calypso.tux.org/pipermail/xemacs-patches/2006-October/000017.html

for explanation

Revision  Changes    Path
1.1090    +6 -0      XEmacs/xemacs/src/ChangeLog

Index: ChangeLog
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/ChangeLog,v
retrieving revision 1.1089
retrieving revision 1.1090
diff -u -p -r1.1089 -r1.1090

--- ChangeLog	2007/08/21 20:32:33	1.1089
+++ ChangeLog	2007/08/22 15:10:10	1.1090
@@ -1,3 +1,9 @@
+2006-10-26  Nix  <nix at esperi.org.uk>
+
+	* dumper.c (pdump_load): Statically allocate a large enough
+	exe_path for all conceivable uses. Fixes a buffer overrun.
+	* text.h (MAX_XETCHAR_SIZE): Define, for PATH_MAX_EXTERNAL.
+
 2007-08-21  Aidan Kehoe  <kehoea at parhasard.net>
 
 	* mule-ccl.c (ccl_driver):



1.36      +2 -6      XEmacs/xemacs/src/dumper.c

Index: dumper.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/dumper.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -p -r1.35 -r1.36
--- dumper.c	2007/05/19 18:04:19	1.35
+++ dumper.c	2007/08/22 15:10:18	1.36
@@ -2659,7 +2659,7 @@ pdump_load (const Wexttext *argv0)
       wext_strcpy (exe_path, wexe);
     }
 #else /* !WIN32_NATIVE */
-  Wexttext *exe_path;
+  Wexttext exe_path[PATH_MAX_EXTERNAL];
   Wexttext *w;
   const Wexttext *dir, *p;
 
@@ -2693,8 +2693,7 @@ pdump_load (const Wexttext *argv0)
   if (p != dir)
     {
       /* invocation-name includes a directory component -- presumably it
-	 is relative to cwd, not $PATH */
-      exe_path = alloca_array (Wexttext, 1 + wext_strlen (dir));
+	 is relative to cwd, not $PATH. */
       wext_strcpy (exe_path, dir);
     }
   else
@@ -2702,9 +2701,6 @@ pdump_load (const Wexttext *argv0)
       const Wexttext *path = wext_getenv ("PATH"); /* not egetenv --
 						     not yet init. */
       const Wexttext *name = p;
-      exe_path = alloca_array (Wexttext,
-			       10 + max (wext_strlen (name),
-					 wext_strlen (path)));
       for (;;)
 	{
 	  p = path;



1.30      +2 -0      XEmacs/xemacs/src/text.h

Index: text.h
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/text.h,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -p -r1.29 -r1.30
--- text.h	2005/11/13 10:48:04	1.29
+++ text.h	2007/08/22 15:10:19	1.30
@@ -2988,6 +2988,7 @@ int wcsncmp_ascii (const wchar_t *s1, co
 /* Extra indirection needed in case of manifest constant as arg */
 #define WEXTSTRING_1(arg) L##arg
 #define WEXTSTRING(arg) WEXTSTRING_1(arg)
+#define MAX_XETCHAR_SIZE sizeof (WCHAR)
 #define wext_strlen wcslen
 #define wext_strcmp wcscmp
 #define wext_strncmp wcsncmp
@@ -3013,6 +3014,7 @@ int XCDECL wext_retry_open (const Wextte
 #else
 #define WEXTTEXT_ZTERM_SIZE sizeof (char)
 #define WEXTSTRING(arg) arg
+#define MAX_XETCHAR_SIZE sizeof (char)
 #define wext_strlen strlen
 #define wext_strcmp strcmp
 #define wext_strncmp strncmp



