Avoid crashes due to objects read with the #n=object form
* src/lread.c (read1): Use Fcons for 'placeholder', not AUTO_CONS, because elements of the list in 'read_objects' cannot be allocated off the stack. (Bug#24640)
This commit is contained in:
Eli Zaretskii
parent
4de671d844
commit
10835b18cd
1 changed files with 12 additions and 1 deletions
13
src/lread.c
13
src/lread.c
|
|
@ -2845,7 +2845,18 @@ read1 (Lisp_Object readcharfun, int *pch, bool first_in_list)
|
||||||
if (c == '=')
|
if (c == '=')
|
||||||
{
|
{
|
||||||
/* Make a placeholder for #n# to use temporarily. */
|
/* Make a placeholder for #n# to use temporarily. */
|
||||||
AUTO_CONS (placeholder, Qnil, Qnil);
|
/* Note: We used to use AUTO_CONS to allocate
|
||||||
|
placeholder, but that is a bad idea, since it
|
||||||
|
will place a stack-allocated cons cell into
|
||||||
|
the list in read_objects, which is a
|
||||||
|
staticpro'd global variable, and thus each of
|
||||||
|
its elements is marked during each GC. A
|
||||||
|
stack-allocated object will become garbled
|
||||||
|
when its stack slot goes out of scope, and
|
||||||
|
some other function reuses it for entirely
|
||||||
|
different purposes, which will cause crashes
|
||||||
|
in GC. */
|
||||||
|
Lisp_Object placeholder = Fcons (Qnil, Qnil);
|
||||||
Lisp_Object cell = Fcons (make_number (n), placeholder);
|
Lisp_Object cell = Fcons (make_number (n), placeholder);
|
||||||
read_objects = Fcons (cell, read_objects);
|
read_objects = Fcons (cell, read_objects);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue