integer overflow in xemacs
Nico Golde writes:
during the analysis of CVE-2007-6109 and if this affects
xemacs Florian Weimer and me recognized a problem in the
xemacs code:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457764#10
Do you actually have an exploit? If so, we should fix the particular
use, not change the macro.
As you must know, alloca is a performance optimization. Any extra
checks will tend to defeat that purpose.
_______________________________________________
XEmacs-Beta mailing list
XEmacs-Beta(a)xemacs.org
http://calypso.tux.org/cgi-bin/mailman/listinfo/xemacs-beta