GNU bug report logs -
#5601
23.1; etags Scheme_functions past \0 terminator
Previous Next
Reported by: Kevin Ryde <user42 <at> zip.com.au>
Date: Fri, 19 Feb 2010 00:15:02 UTC
Severity: normal
Done: Chong Yidong <cyd <at> stupidchicken.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
In etags.c Scheme_functions, I think the loop
while (notinname (*bp))
bp++;
will take bp past the '\0' string terminator, because '\0' is a
notinname().
I can't spot any obvious ill effect, only that a line of only
(define
is tagged, perhaps depending on what was on the line before it. In any
case doesn't sound good to look into possibly uninitialized parts of the
input buffer. (Another helper skip_notinname() to try to be clearer
than a double-negative loop :-)
2010-02-19 Kevin Ryde <user42 <at> zip.com.au>
* etags.c (Scheme_functions): Don't go past '\0' terminator.
(skip_notinname): New helper.
[etags.c.scheme-terminator.diff (text/x-diff, attachment)]
[Message part 3 (text/plain, inline)]
In GNU Emacs 23.1.1 (i486-pc-linux-gnu, GTK+ Version 2.16.5)
of 2009-09-14 on raven, modified by Debian
configured using `configure '--build=i486-linux-gnu' '--host=i486-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs23:/etc/emacs:/usr/local/share/emacs/23.1/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/23.1/site-lisp:/usr/share/emacs/site-lisp:/usr/share/emacs/23.1/leim' '--with-x=yes' '--with-x-toolkit=gtk' '--with-toolkit-scroll-bars' 'build_alias=i486-linux-gnu' 'host_alias=i486-linux-gnu' 'CFLAGS=-DDEBIAN -g -O2' 'LDFLAGS=-g' 'CPPFLAGS=''
This bug report was last modified 15 years and 95 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.