[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: texinfo-6.0.91 pretest

From: Gavin Smith
Subject: Re: texinfo-6.0.91 pretest
Date: Fri, 1 Jan 2016 15:29:12 +0000

On 1 January 2016 at 14:53, Eli Zaretskii <address@hidden> wrote:
> Any ideas?  There are several calls to mbrtowc in xspara__add_next.
> Btw, why is mbrtowc called with its 3rd argument 10?  There are no
> such long multibyte sequences, AFAIK, and the value should IMO never
> be greater than the actual number of bytes in the variable whose
> address is passed as the 2nd arg.  No?

That is possibly the cause of the crash. 10 was just a long-ish number
I chose at random, it should have been 4 for the maximum length of a
character. I was relying on a null terminator stopping reading past
the end of the allocated memory, but that may not always be so. It
should be possible to supply the exact number of bytes left in the
input as the argument; I'll work on doing this.

BTW this strikes me as strange:

Reading from location 01a4ffff

The ffff would make sense if memory protection was done in blocks of
10000 (hex), and here we've strayed into a protected part of memory.
But I expect it would be more likely to read bytes in increasing
order, meaning we'd stray into xxx0000. If changing the argument to
mbrtowc fixes the problem, we needn't worry about it.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]