From 2098e8afaf1c5235ba38c0156f680b8e435d9fdd Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Wed, 14 Aug 2019 18:24:02 -0700 Subject: [PATCH] Remove INT_ADD_WRAPV bug workarounds * src/alloc.c (free_cons): * src/casefiddle.c (do_casify_multibyte_string): * src/editfns.c (styled_format): * src/image.c (png_load_body): Remove recent workarounds for INT_ADD_WRAPV bugs since the bugs have been fixed (Bug#37006). --- src/alloc.c | 5 +---- src/casefiddle.c | 5 +---- src/editfns.c | 8 +++----- src/image.c | 8 +++----- 4 files changed, 8 insertions(+), 18 deletions(-) diff --git a/src/alloc.c b/src/alloc.c index 0548a09cb8b..bb8e97f8737 100644 --- a/src/alloc.c +++ b/src/alloc.c @@ -2543,10 +2543,7 @@ free_cons (struct Lisp_Cons *ptr) ptr->u.s.u.chain = cons_free_list; ptr->u.s.car = dead_object (); cons_free_list = ptr; - /* Use a temporary signed variable, since otherwise INT_ADD_WRAPV - might incorrectly return non-zero. */ - int incr = sizeof *ptr; - if (INT_ADD_WRAPV (consing_until_gc, incr, &consing_until_gc)) + if (INT_ADD_WRAPV (consing_until_gc, sizeof *ptr, &consing_until_gc)) consing_until_gc = INTMAX_MAX; gcstat.total_free_conses++; } diff --git a/src/casefiddle.c b/src/casefiddle.c index 741973e40af..ee292dda9b3 100644 --- a/src/casefiddle.c +++ b/src/casefiddle.c @@ -265,11 +265,8 @@ do_casify_multibyte_string (struct casing_context *ctx, Lisp_Object obj) ptrdiff_t size = SCHARS (obj), n; USE_SAFE_ALLOCA; - /* Use a temporary signed variable, since otherwise INT_ADD_WRAPV - might incorrectly return non-zero. */ - ptrdiff_t casing_str_buf_size = sizeof (struct casing_str_buf); if (INT_MULTIPLY_WRAPV (size, MAX_MULTIBYTE_LENGTH, &n) - || INT_ADD_WRAPV (n, casing_str_buf_size, &n)) + || INT_ADD_WRAPV (n, sizeof (struct casing_str_buf), &n)) n = PTRDIFF_MAX; unsigned char *dst = SAFE_ALLOCA (n); unsigned char *dst_end = dst + n; diff --git a/src/editfns.c b/src/editfns.c index 19bbfdcd478..1b33f397110 100644 --- a/src/editfns.c +++ b/src/editfns.c @@ -3158,14 +3158,12 @@ styled_format (ptrdiff_t nargs, Lisp_Object *args, bool message) /* Upper bound on number of format specs. Each uses at least 2 chars. */ ptrdiff_t nspec_bound = SCHARS (args[0]) >> 1; - /* Use a temporary signed variable, since otherwise INT_ADD_WRAPV - might incorrectly return non-zero. */ - ptrdiff_t info_size = sizeof *info, alloca_size; - if (INT_MULTIPLY_WRAPV (nspec_bound, info_size, &info_size) + /* Allocate the info and discarded tables. */ + ptrdiff_t info_size, alloca_size; + if (INT_MULTIPLY_WRAPV (nspec_bound, sizeof *info, &info_size) || INT_ADD_WRAPV (formatlen, info_size, &alloca_size) || SIZE_MAX < alloca_size) memory_full (SIZE_MAX); - /* Allocate the info and discarded tables. */ info = SAFE_ALLOCA (alloca_size); /* discarded[I] is 1 if byte I of the format string was not copied into the output. diff --git a/src/image.c b/src/image.c index b37851f0963..81d8cb4e2b2 100644 --- a/src/image.c +++ b/src/image.c @@ -6463,6 +6463,7 @@ png_load_body (struct frame *f, struct image *img, struct png_load_context *c) png_uint_32 row_bytes; bool transparent_p; struct png_memory_storage tbr; /* Data to be read */ + ptrdiff_t nbytes; Emacs_Pix_Container ximg, mask_img = NULL; /* Find out what file to load. */ @@ -6658,13 +6659,10 @@ png_load_body (struct frame *f, struct image *img, struct png_load_context *c) /* Number of bytes needed for one row of the image. */ row_bytes = png_get_rowbytes (png_ptr, info_ptr); - /* Use a temporary signed variable, since otherwise - INT_MULTIPLY_WRAPV might incorrectly return non-zero. */ - ptrdiff_t nbytes = sizeof *pixels; - if (INT_MULTIPLY_WRAPV (row_bytes, nbytes, &nbytes) + /* Allocate memory for the image. */ + if (INT_MULTIPLY_WRAPV (row_bytes, sizeof *pixels, &nbytes) || INT_MULTIPLY_WRAPV (nbytes, height, &nbytes)) memory_full (SIZE_MAX); - /* Allocate memory for the image. */ c->pixels = pixels = xmalloc (nbytes); c->rows = rows = xmalloc (height * sizeof *rows); for (i = 0; i < height; ++i)