GNU bug report logs - #58334
29.0.50; ASAN heap use after free in gui_produce_glyphs

Package: emacs;

Reported by: Gerd Möllmann <gerd.moellmann <at> gmail.com>

Date: Thu, 6 Oct 2022 15:04:01 UTC

Severity: normal

Found in version 29.0.50


Message #74 received at 58334 <at> debbugs.gnu.org (full text, mbox):

From: Gerd Möllmann <gerd.moellmann <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: luangruo <at> yahoo.com, 58334 <at> debbugs.gnu.org
Subject: Re: bug#58334: 29.0.50; ASAN heap use after free in gui_produce_glyphs
Date: Fri, 07 Oct 2022 13:29:38 +0200

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Gerd Möllmann <gerd.moellmann <at> gmail.com>
>> Cc: Po Lu <luangruo <at> yahoo.com>,  58334 <at> debbugs.gnu.org
>> Date: Fri, 07 Oct 2022 10:07:01 +0200
>> 
>> Gerd Möllmann <gerd.moellmann <at> gmail.com> writes:
>> 
>> > Eli Zaretskii <eliz <at> gnu.org> writes:
>> >> IOW, I don't see how block_input anywhere can solve this particular
>> >> problem.
>> >
>> > I wonder too.
>> 
>> And, while vacuuming, I also wondered what happens with the glyph
>> matrices, and maybe other global state?
>
> Fvertical_motion (and other functions that call the move_it_*
> functions) in general don't rely on glyph matrices.  So I'm not sure
> what exactly worries you.

I'm not yet worried, just wondering :-).

If we don't change some other shared state, then we're safe if we
prevent freeing faces?  That would be good.




This bug report was last modified 2 years and 312 days ago.
