Thank Uno for catching this. Some day I'll get the Uno framework set up
all the way ... This patch fixes an off-by-one error that could lead to
overflow of the static backtrace array. While we're at it, let's get
rid of those nasty magic numbers.
src/ChangeLog addition:
2005-03-26 Jerry James <james(a)xemacs.org>
* dumper.c (BACKTRACE_MAX): New constant defining length of static
backtrace array.
* dumper.c (pdump_bump_depth): Use it, and avoid buffer overflow
by fixing comparison.
xemacs-21.5 source patch:
Diff command: cvs -q diff -uN
Files affected: src/dumper.c
Index: src/dumper.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/dumper.c,v
retrieving revision 1.25
diff -d -u -r1.25 dumper.c
--- src/dumper.c 2005/02/04 03:01:20 1.25
+++ src/dumper.c 2005/03/27 04:35:55
@@ -520,12 +520,14 @@
return 0;
}
+#define BACKTRACE_MAX 65536
+
static struct
{
struct lrecord_header *obj;
int position;
int offset;
-} backtrace[65536];
+} backtrace[BACKTRACE_MAX];
static int pdump_depth;
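Review bot: The `#define BACKTRACE_MAX 65536` line carries no comment saying what it limits, so a reader has to find pdump_bump_depth to learn that it is the maximum nesting depth recorded in backtrace[] and that pdump_depth is checked against it. A one-line comment above the define would cover that. Since the constant exists only to size this one array, the check could instead derive the bound from the array itself, e.g. `sizeof (backtrace) / sizeof (backtrace[0])`, so the two cannot drift apart if the declaration is edited later.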
@@ -568,7 +570,7 @@
pdump_bump_depth (void)
{
int me = pdump_depth++;
- if (me > 65536)
+ if (me >= BACKTRACE_MAX)
{
stderr_out ("Backtrace overflow, loop ?\n");
ABORT ();
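Review bot: In pdump_bump_depth, `int me = pdump_depth++;` advances the counter before the bound is tested, so when the limit is hit pdump_depth is already BACKTRACE_MAX + 1 and the code relies on ABORT () never returning. The `>=` comparison is the right fix, since valid indices for `me` run from 0 to BACKTRACE_MAX - 1, but testing `pdump_depth >= BACKTRACE_MAX` first and incrementing only afterwards would keep the counter in range on every path. The stderr_out message could also print the limit, which would help tell a genuine loop from a legitimately deep structure.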
--
Jerry James
http://www.ittc.ku.edu/~james/