Avoid crashes due to objects read with the #n=object form
* src/lread.c (read1): Use Fcons for 'placeholder', not AUTO_CONS, because elements of the list in 'read_objects' cannot be allocated off the stack. (Bug#24640)
This commit is contained in:
Eli Zaretskii
parent
4de671d844
commit
10835b18cd
1 changed files with 12 additions and 1 deletions
13
src/lread.c
13
src/lread.c
|
|
@ -2845,7 +2845,18 @@ read1 (Lisp_Object readcharfun, int *pch, bool first_in_list)
|
|||
if (c == '=')
|
||||
{
|
||||
/* Make a placeholder for #n# to use temporarily. */
|
||||
AUTO_CONS (placeholder, Qnil, Qnil);
|
||||
/* Note: We used to use AUTO_CONS to allocate
|
||||
placeholder, but that is a bad idea, since it
|
||||
will place a stack-allocated cons cell into
|
||||
the list in read_objects, which is a
|
||||
staticpro'd global variable, and thus each of
|
||||
its elements is marked during each GC. A
|
||||
stack-allocated object will become garbled
|
||||
when its stack slot goes out of scope, and
|
||||
some other function reuses it for entirely
|
||||
different purposes, which will cause crashes
|
||||
in GC. */
|
||||
Lisp_Object placeholder = Fcons (Qnil, Qnil);
|
||||
Lisp_Object cell = Fcons (make_number (n), placeholder);
|
||||
read_objects = Fcons (cell, read_objects);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue