GNU bug report logs - #7446
Emacs 23.2 [windows] - Buffer overrun bug with ebrowse.exe

Previous Next

Package: emacs;

Reported by: Joe Matarazzo <joe.matarazzo <at> gmail.com>

Date: Sat, 20 Nov 2010 00:36:01 UTC

Severity: normal

Tags: patch

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 7446 in the body.
You can then email your comments to 7446 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#7446; Package emacs. (Sat, 20 Nov 2010 00:36:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Joe Matarazzo <joe.matarazzo <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Sat, 20 Nov 2010 00:36:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Joe Matarazzo <joe.matarazzo <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Emacs 23.2 [windows] - Buffer overrun bug with ebrowse.exe
Date: Fri, 19 Nov 2010 16:39:49 -0800

When the input file ends with a C++ style "//" comment line, without a
newline at the end, the parser will attempt to read past the end of
the input buffer. This produces undefined results, among them putting
the parser in a bogus state that makes all subsequent input files
parse incorrectly. Here's a possible fix:


--- old/ebrowse.c  2010-04-03 15:26:07 -0700
+++ new/ebrowse.c    2010-11-19 16:36:13 -0800
@@ -1784,6 +1784,10 @@
             case '/':
              while (GET (c) && c != '\n')
                ;
+
+              if (c == 0)
+                return YYEOF;
+
              INCREMENT_LINENO;
              break;

I'm not subscribed to the list. Please direct any follow up questions
directly to my email.

Thanks,
Joe
Added tag(s) patch. Request was from Stefan Monnier <monnier <at> iro.umontreal.ca> to control <at> debbugs.gnu.org. (Sun, 21 Nov 2010 19:23:02 GMT) Full text and rfc822 format available.
Reply sent to Eli Zaretskii <eliz <at> gnu.org>:
You have taken responsibility. (Sat, 27 Nov 2010 09:26:02 GMT) Full text and rfc822 format available.
Notification sent to Joe Matarazzo <joe.matarazzo <at> gmail.com>:
bug acknowledged by developer. (Sat, 27 Nov 2010 09:26:02 GMT) Full text and rfc822 format available.

Message #12 received at 7446-done <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Joe Matarazzo <joe.matarazzo <at> gmail.com>
Cc: 7446-done <at> debbugs.gnu.org
Subject: Re: bug#7446: Emacs 23.2 [windows] - Buffer overrun bug with
	ebrowse.exe
Date: Sat, 27 Nov 2010 11:32:03 +0200

> Date: Fri, 19 Nov 2010 16:39:49 -0800
> From: Joe Matarazzo <joe.matarazzo <at> gmail.com>
> Cc: 
> 
> When the input file ends with a C++ style "//" comment line, without a
> newline at the end, the parser will attempt to read past the end of
> the input buffer. This produces undefined results, among them putting
> the parser in a bogus state that makes all subsequent input files
> parse incorrectly. Here's a possible fix:

Thanks, I applied this patch to the Emacs 23 branch.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sat, 25 Dec 2010 12:24:04 GMT) Full text and rfc822 format available.
This bug report was last modified 14 years and 232 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.