GNU bug report logs -
#6855
24.0.50; Bug in tool bar label handling
Previous Next
Reported by: Johan Bockgård <bojohan <at> gnu.org>
Date: Sat, 14 Aug 2010 12:47:02 UTC
Severity: normal
Found in version 24.0.50
Done: Jan Djärv <jan.h.d <at> swipnet.se>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 6855 in the body.
You can then email your comments to 6855 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
owner <at> debbugs.gnu.org, jan.h.d <at> swipnet.se, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sat, 14 Aug 2010 12:47:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Johan Bockgård <bojohan <at> gnu.org>:
New bug report received and forwarded. Copy sent to
jan.h.d <at> swipnet.se, bug-gnu-emacs <at> gnu.org.
(Sat, 14 Aug 2010 12:47:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
There are some bugs in the handling of tool bar labels that can cause
Emacs to crash.
### gtkutil.c: update_frame_tool_bar ###
char *label = SSDATA (PROP (TOOL_BAR_ITEM_LABEL));
Here we take string data out.
### keyboard.c: parse_tool_bar_item ###
else if (EQ (key, QClabel))
{
/* `:label LABEL-STRING'. */
PROP (TOOL_BAR_ITEM_LABEL) = value;
have_label = 1;
}
But here we put an arbitrary object in.
...
if (!have_label)
...
char buf[64];
EMACS_INT max_lbl = 2*tool_bar_max_label_size;
Lisp_Object new_lbl;
if (strlen (caption) < max_lbl && caption[0] != '\0')
{
strcpy (buf, caption);
tool-bar-max-label-size is a user variable, so this can mean a buffer
overflow.
...
if (SCHARS (new_lbl) <= tool_bar_max_label_size)
PROP (TOOL_BAR_ITEM_LABEL) = new_lbl;
If we came here but the branch is not taken, the label will be nil,
not a string.
Reply sent
to
Jan Djärv <jan.h.d <at> swipnet.se>:
You have taken responsibility.
(Sun, 15 Aug 2010 08:20:03 GMT)
Full text and
rfc822 format available.
Notification sent
to
Johan Bockgård <bojohan <at> gnu.org>:
bug acknowledged by developer.
(Sun, 15 Aug 2010 08:20:03 GMT)
Full text and
rfc822 format available.
Message #10 received at 6855-done <at> debbugs.gnu.org (full text, mbox):
Johan Bockgård skrev 2010-08-14 14.04:
>
> There are some bugs in the handling of tool bar labels that can cause
> Emacs to crash.
>
>
>
> ### gtkutil.c: update_frame_tool_bar ###
>
> char *label = SSDATA (PROP (TOOL_BAR_ITEM_LABEL));
>
> Here we take string data out.
>
>
>
> ### keyboard.c: parse_tool_bar_item ###
>
> else if (EQ (key, QClabel))
> {
> /* `:label LABEL-STRING'. */
> PROP (TOOL_BAR_ITEM_LABEL) = value;
> have_label = 1;
> }
>
> But here we put an arbitrary object in.
>
We kind of assume people do the sensible thing and put in strings. It is the
same as for help and image. If Emacs crashes because somebody didn't put
in a string, that is actually a good thing IMHO. The error becomes very
apparent then.
>
> ...
>
> if (!have_label)
>
> ...
> char buf[64];
> EMACS_INT max_lbl = 2*tool_bar_max_label_size;
> Lisp_Object new_lbl;
>
> if (strlen (caption)< max_lbl&& caption[0] != '\0')
> {
> strcpy (buf, caption);
>
> tool-bar-max-label-size is a user variable, so this can mean a buffer
> overflow.
>
>
> ...
> if (SCHARS (new_lbl)<= tool_bar_max_label_size)
> PROP (TOOL_BAR_ITEM_LABEL) = new_lbl;
>
> If we came here but the branch is not taken, the label will be nil,
> not a string.
>
I have checked in a fix for those two.
Thanks,
Jan D.
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sun, 15 Aug 2010 08:51:01 GMT)
Full text and
rfc822 format available.
Message #13 received at 6855 <at> debbugs.gnu.org (full text, mbox):
Jan Djärv <jan.h.d <at> swipnet.se> writes:
> We kind of assume people do the sensible thing and put in strings. It is the
> same as for help and image. If Emacs crashes because somebody didn't put
> in a string, that is actually a good thing IMHO. The error becomes very
> apparent then.
I don't agree. Emacs should be robust against type mismatches, crashing
is the worst possible reaction.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sun, 15 Aug 2010 10:21:02 GMT)
Full text and
rfc822 format available.
Message #16 received at 6855 <at> debbugs.gnu.org (full text, mbox):
Andreas Schwab skrev 2010-08-15 10.51:
> Jan Djärv<jan.h.d <at> swipnet.se> writes:
>
>> We kind of assume people do the sensible thing and put in strings. It is the
>> same as for help and image. If Emacs crashes because somebody didn't put
>> in a string, that is actually a good thing IMHO. The error becomes very
>> apparent then.
>
> I don't agree. Emacs should be robust against type mismatches, crashing
> is the worst possible reaction.
If the documentation states that one should use STRING, and somebody puts in
nil or a lambda expression or a symbol, that is a usage error. Being robust
against this kind of error by ignoring the faulty input just hides the error
and makes people think it is OK to misuse things. Better then to crash, that
way action is usually taken at once. Hidden errors can linger for years...
Jan D.
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sun, 15 Aug 2010 10:37:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 6855 <at> debbugs.gnu.org (full text, mbox):
Jan Djärv <jan.h.d <at> swipnet.se> writes:
> If the documentation states that one should use STRING, and somebody puts
> in nil or a lambda expression or a symbol, that is a usage error.
Sure. But crashing is a bug.
> Better then to crash
No, never.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sun, 15 Aug 2010 11:41:02 GMT)
Full text and
rfc822 format available.
Message #22 received at 6855 <at> debbugs.gnu.org (full text, mbox):
> Date: Sun, 15 Aug 2010 12:21:37 +0200
> From: Jan Djärv <jan.h.d <at> swipnet.se>
> Cc: 6855 <at> debbugs.gnu.org
>
> If the documentation states that one should use STRING, and somebody puts in
> nil or a lambda expression or a symbol, that is a usage error. Being robust
> against this kind of error by ignoring the faulty input just hides the error
> and makes people think it is OK to misuse things. Better then to crash, that
> way action is usually taken at once. Hidden errors can linger for years...
Crash or hide are not the only alternatives. You can signal an error,
for instance. Sometimes doing so is not a good idea, like in the
middle of redisplay (because displaying the error message reenters
redisplay again, and you have an infinite loop on your hands). For
these situations, the solution is to display something prominent and
acutely visible instead of the invalid data, so that it stands out and
catches the user's eye. For example, if the menu item is bad, display
something like "!!??GARBLED ITEM??!!" instead.
In general, I agree with Andreas: it is better not to crash, if we can
avoid that with a reasonable effort.
Information forwarded
to
owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6855; Package
emacs.
(Sun, 15 Aug 2010 23:45:02 GMT)
Full text and
rfc822 format available.
Message #25 received at 6855 <at> debbugs.gnu.org (full text, mbox):
> I don't agree. Emacs should be robust against type mismatches,
> crashing is the worst possible reaction.
Unless of course that robustness is requested of `type-of', in which
case presumably Andreas waffles and TRT is to simply not use a type
macthing feature that may cause Emacs to crash, e.g. this recent
comment re bug#6835:
,----
|
| > `type-of' does consistently bring down my Emacs.
|
| Try without type-of.
|
| Andreas.
|
`---- http://lists.gnu.org/archive/html/bug-gnu-emacs/2010-08/msg00337.html
:-P
> Andreas.
--
/s_P\
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Mon, 13 Sep 2010 11:24:06 GMT)
Full text and
rfc822 format available.
This bug report was last modified 14 years and 288 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.