[C] fix for ffap crash on Windows (was: [Bug: 21.5-b27] [CRASH] (file-name-directory "1:"))
18 years, 1 month
Adrian Aichner
Adrian Aichner
COMMIT
Adrian Aichner <adrian(a)xemacs.org> writes:
> Apparently, wcslen naively dereferences its const wchar_t *ws argument
> without checking for a null pointer:
>
> wcslen(const unsigned short * 0x00000000) line 39 + 5 bytes
> XEMACS! 01206394()
>
> I've traced this down to src/intl-win32.c whose functions have blind
> faith in pointers they are being passed.
>
> sysdep.c also contains versions of various wchar functions without
> proper argument checking.
>
> Still investigating ...
>
Thanks for looking into this too, Steve!
The actual crash is caused by
Ibyte *
mswindows_getdcwd (int drivelet)
not considering a possible NULL return value of:
cwdext = _getdcwd (drivelet, NULL, 0);
I have put in NULL pointer tests in related areas and changed
DEFUN ("file-name-directory", Ffile_name_directory, 1, 1, 0, /*
to return nil in case
mswindows_getdcwd
returns a NULL working directory.
This now includes
illegal
non-existing
or unavailable
drives.
I'll also post a build report with one check-temacs-only regression,
which I don't think is related to this change.
Greetings!
Adrian
xemacs-21.5-clean ChangeLog patch:
Diff command: cvs -q diff -U 0
Files affected: src/ChangeLog
Index: src/ChangeLog
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/ChangeLog,v
retrieving revision 1.1003
diff -u -U0 -r1.1003 ChangeLog
--- src/ChangeLog 30 Oct 2006 11:36:59 -0000 1.1003
+++ src/ChangeLog 1 Nov 2006 20:22:53 -0000
@@ -0,0 +1,14 @@
+2006-11-01 Adrian Aichner <adrian(a)xemacs.org>
+
+ * sysdep.c (wcslen): Check for NULL pointer.
+ * sysdep.c (strlwr): Ditto.
+ * nt.c (mswindows_getdcwd): Ditto (actual cause of reported
+ crash).
+ * intl-win32.c (wcscmp): Ditto.
+ * intl-win32.c (wcslen): Ditto.
+ * intl-win32.c (wcsncpy): Ditto.
+ * intl-win32.c (wcscpy): Ditto.
+ * intl-win32.c (wcsdup): Ditto.
+ * fileio.c (Ffile_name_directory): Return Qnil when
+ mswindows_getdcwd returns NULL working directory.
+
@@ -42831 +42845 @@
-1998-03-09 Martin Buchholz <Martin Buchholz <martin(a)xemacs.org>>
+1998-03-09 Martin Buchholz <martin(a)xemacs.org>
@@ -42998 +43012 @@
-1998-03-02 Martin Buchholz <Martin Buchholz <martin(a)xemacs.org>>
+1998-03-02 Martin Buchholz <martin(a)xemacs.org>
@@ -45523 +45537 @@
-1997-11-05 Martin Buchholz <Martin Buchholz <martin(a)xemacs.org>>
+1997-11-05 Martin Buchholz <martin(a)xemacs.org>
xemacs-21.5-clean source patch:
Diff command: cvs -f -z3 -q diff -u -w -N
Files affected: src/fileio.c
===================================================================
RCS src/intl-win32.c
===================================================================
RCS src/nt.c
===================================================================
RCS src/sysdep.c
===================================================================
RCS
Index: src/sysdep.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/sysdep.c,v
retrieving revision 1.83
diff -u -w -r1.83 sysdep.c
--- src/sysdep.c 27 Sep 2005 05:32:21 -0000 1.83
+++ src/sysdep.c 1 Nov 2006 20:09:48 -0000
@@ -3491,6 +3491,7 @@
size_t
wcslen (const wchar_t *s)
{
+ if (s == NULL) return NULL;
const wchar_t *p = s;
while (*p++)
@@ -3508,6 +3509,7 @@
char *
strlwr (char *s)
{
+ if (s == NULL) return NULL;
REGISTER char *c;
for (c = s; *c; c++)
Index: src/nt.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/nt.c,v
retrieving revision 1.48
diff -u -w -r1.48 nt.c
--- src/nt.c 27 Dec 2005 18:51:30 -0000 1.48
+++ src/nt.c 1 Nov 2006 20:09:48 -0000
@@ -1819,6 +1819,7 @@
cwdext = (Extbyte *) _wgetdcwd (drivelet, NULL, 0);
else
cwdext = _getdcwd (drivelet, NULL, 0);
+ if (cwdext == NULL) return NULL;
TSTR_TO_C_STRING_MALLOC (cwdext, cwd);
xfree (cwdext, Extbyte *);
return cwd;
Index: src/intl-win32.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/intl-win32.c,v
retrieving revision 1.16
diff -u -w -r1.16 intl-win32.c
--- src/intl-win32.c 16 Sep 2005 08:51:26 -0000 1.16
+++ src/intl-win32.c 1 Nov 2006 20:09:48 -0000
@@ -1569,6 +1569,7 @@
int
wcscmp (const wchar_t *s1, const wchar_t *s2)
{
+ if (s1 == NULL || s2 == NULL) return NULL;
while (*s1 != '\0' && *s1 == *s2)
{
s1++;
@@ -1585,6 +1586,7 @@
size_t
wcslen (const wchar_t *str)
{
+ if (str == NULL) return NULL;
const wchar_t *start = str;
while (*str)
@@ -1598,6 +1600,7 @@
wchar_t *
wcsncpy (wchar_t *dst0, const wchar_t *src0, size_t count)
{
+ if (dst0 == NULL || src0 == NULL) return NULL;
wchar_t *dscan;
const wchar_t *sscan;
@@ -1618,6 +1621,7 @@
wchar_t *
wcscpy (wchar_t *dst0, const wchar_t *src0)
{
+ if (dst0 == NULL || src0 == NULL) return NULL;
wchar_t *s = dst0;
while ((*dst0++ = *src0++))
@@ -1629,6 +1633,7 @@
wchar_t *
wcsdup (const wchar_t *str)
{
+ if (str == NULL) return NULL;
int len = wcslen (str) + 1;
wchar_t *val = xnew_array (wchar_t, len);
Index: src/fileio.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/fileio.c,v
retrieving revision 1.106
diff -u -w -r1.106 fileio.c
--- src/fileio.c 27 Oct 2006 19:07:47 -0000 1.106
+++ src/fileio.c 1 Nov 2006 20:09:49 -0000
@@ -397,11 +397,20 @@
if (wd)
{
+ int size;
qxestrcat (res, wd);
- if (!IS_DIRECTORY_SEP (res[qxestrlen (res) - 1]))
- qxestrcat (res, (Ibyte *) "/");
+ size = qxestrlen (res);
+ if (!IS_DIRECTORY_SEP (res[size - 1]))
+ {
+ res[size] = DIRECTORY_SEP;
+ res[size + 1] = '\0';
+ }
beg = res;
p = beg + qxestrlen (beg);
+ }
+ else
+ {
+ return Qnil;
}
if (wd)
xfree (wd, Ibyte *);
--
Adrian Aichner
mailto:adrian@xemacs.org
http://www.xemacs.org/
_______________________________________________
XEmacs-Patches mailing list
XEmacs-Patches(a)xemacs.org
http://calypso.tux.org/cgi-bin/mailman/listinfo/xemacs-patches
- 1 participants
- 0 comments
[S] [PATCH] Fix broken -unmapped.
18 years, 1 month
Malcolm Purvis
Malcolm Purvis
SUPERSEDES m2u07e5ncc.fsf(a)silver.local
[I've discovered that I posted this patch ages ago but never committed it.]
Way back in April Giacomo Boffi reported that -unmapped was broken in 21.5.
This fixes it so once again no frame appears.
The problem was that the updated version of display-splash-screen called
pop-to-buffer, which mapped the frame. pop-to-buffer is moved to the
interactive function xemacs-splash-buffer instead.
Malcolm
lisp/ChangeLog addition:
2006-10-20 Malcolm Purvis <malcolmp(a)xemacs.org>
* startup.el (display-splash-screen): No longer bring buffer the
front. Fixes problems with -unmapped.
* startup.el (xemacs-splash-buffer): Pop splash buffer to the
front here instead.
xemacs-unmapped source patch:
Diff command: cvs-rw -q diff -u
Files affected: lisp/startup.el
Index: lisp/startup.el
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/lisp/startup.el,v
retrieving revision 1.56
diff -u -r1.56 startup.el
--- lisp/startup.el 2006/04/25 14:01:53 1.56
+++ lisp/startup.el 2006/10/20 12:32:22
@@ -1365,8 +1365,6 @@
(let* ((after-change-functions nil) ; no font-lock, thank you
(elements (cond (tty (splash-screen-tty-body))
(t (splash-screen-window-body)))))
- (pop-to-buffer (current-buffer))
- (delete-other-windows)
(splash-screen-present elements)
(set-buffer-modified-p nil))))
@@ -1377,6 +1375,8 @@
(set-buffer buffer)
(setq buffer-read-only nil)
(erase-buffer buffer)
+ (pop-to-buffer buffer)
+ (delete-other-windows)
(display-splash-screen)))
;; (let ((present-file
--
Malcolm Purvis <malcolmp(a)xemacs.org>
_______________________________________________
XEmacs-Patches mailing list
XEmacs-Patches(a)xemacs.org
http://calypso.tux.org/cgi-bin/mailman/listinfo/xemacs-patches
- 2 participants
- 2 comments