rfivet/uemacs
1
0
Fork 0
mirror of https://github.com/rfivet/uemacs.git synced 2025-01-31 04:27:20 -05:00
Code Releases Activity

Avoid memory access errors if llength() overflows

Browse Source 
llength() is currently a 'short' which can overflow and result in signed
numbers if line lengths are larger than 32k.  We'll fix the overflow
separately, but before we do that, just use a signed int to hold the
value so that we don't overrun memory allocations when we converted that
negative number to a large positive unsigned integer.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Linus Torvalds 2013-02-22 14:29:43 -08:00
parent 8899ed4e1f
commit 25f0141df1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
display.c
View File

@ -442,7 +442,7 @@ static int reframe(struct window *wp)
static void show_line(struct line *lp) static void show_line(struct line *lp)
{ {
unsigned i = 0, len = llength(lp); int i = 0, len = llength(lp);
while (i < len) { while (i < len) {
unicode_t c; unicode_t c;