[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: address@hidden (Pavel Janík)] Re: crash in emacs-21.1
From: |
Kenichi Handa |
Subject: |
Re: address@hidden (Pavel Janík)] Re: crash in emacs-21.1 |
Date: |
Tue, 30 Oct 2001 21:15:01 +0900 (JST) |
User-agent: |
SEMI/1.14.3 (Ushinoya) FLIM/1.14.2 (Yagi-Nishiguchi) APEL/10.2 Emacs/21.0.107 (sparc-sun-solaris2.6) MULE/5.0 (SAKAKI) |
address@hidden (Pavel Janík) writes:
> From: "Sadinoff, Daniel" <address@hidden>
> Date: Thu, 25 Oct 2001 18:38:53 -0400
>> newly reduced set of .elc's are available at
>> http://www.sadinoff.com/tmp/crasher.tar.gz
>>
>> I've narrowed it down to two of the .elcs.
Thank you! With this, I found a bug in read1 (in lread.c).
It was me who introduced this bug. :-(
In that function, the function str_as_multibyte (in
charset.c) is called three times all in this form:
p = read_buffer + str_as_multibyte (read_buffer, end - read_buffer,
p - read_buffer, &nchars);
But, before calling it, we must assure that `end -
read_buffer' is sufficient to hold the converted byte
sequence. How many bytes str_as_multibyte will require can
be checked by the function parse_str_as_multibyte which is
defined as below:
/* Parse unibyte text at STR of LEN bytes as multibyte text, and
count the numbers of characters and bytes in it. On counting
bytes, pay attention to the fact that 8-bit characters in the range
0x80..0x9F are represented by 2 bytes in multibyte text. */
void
parse_str_as_multibyte (str, len, nchars, nbytes)
unsigned char *str;
int len, *nchars, *nbytes;
{
}
If NBYTES set by this function is greater than `end -
read_buffer', we must realloc read_buffer in the similar way
as lines 2129..2135 of lread.c.
{
int offset = p - read_buffer;
read_buffer = (char *) xrealloc (read_buffer,
read_buffer_size *= 2);
p = read_buffer + offset;
end = read_buffer + read_buffer_size;
}
Is this information enough? Gerd, could you install a
proper fix?
---
Ken'ichi HANDA
address@hidden