bug-gnu-emacs

bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs


From: Eli Zaretskii
Subject: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Date: Fri, 07 Oct 2022 15:16:44 +0300

> From: Po Lu <luangruo@yahoo.com>
> Cc: Eli Zaretskii <eliz@gnu.org>,  58334@debbugs.gnu.org
> Date: Fri, 07 Oct 2022 20:12:58 +0800
> 
> In the recent past, Emacs also used to run Lisp as part of the character
> conversion of keyboard input, straight from handle_one_xevent:
> 
>           if (nchars < nbytes)
>             {
>               /* Decode the input data.  */
> 
>               /* The input should be decoded with `coding_system'
>                  which depends on which X*LookupString function
>                  we used just above and the locale.  */
>               setup_coding_system (coding_system, &coding);
>               coding.src_multibyte = false;
>               coding.dst_multibyte = true;
>               /* The input is converted to events, thus we can't
>                  handle composition.  Anyway, there's no XIM that
>                  gives us composition information.  */
>               coding.common_flags &= ~CODING_ANNOTATION_MASK;
> 
>               SAFE_NALLOCA (coding.destination, MAX_MULTIBYTE_LENGTH,
>                             nbytes);
>               coding.dst_bytes = MAX_MULTIBYTE_LENGTH * nbytes;
>               coding.mode |= CODING_MODE_LAST_BLOCK;
>               decode_coding_c_string (&coding, copy_bufptr, nbytes, Qnil);
>               nbytes = coding.produced;
>               nchars = coding.produced_char;
>               copy_bufptr = coding.destination;
>             }
> 
> How come that never caused problems?

Why should it cause problems? What kind of problems?




