# HG changeset patch # User Chong Yidong # Date 1267366771 18000 # Node ID d8f04397b77a52dadd97fbbde091e65ecf8b6b50 # Parent 122dff72a8ee96c4292b46cd237f112e151e54ba Fix use of unitialized memory. * charset.c (load_charset_map_from_file) (load_charset_map_from_vector): Zero out allocated charset_map_entries before using them. diff -r 122dff72a8ee -r d8f04397b77a src/ChangeLog --- a/src/ChangeLog Sun Feb 28 12:36:39 2010 +0100 +++ b/src/ChangeLog Sun Feb 28 09:19:31 2010 -0500 @@ -1,3 +1,9 @@ +2010-02-28 Chong Yidong + + * charset.c (load_charset_map_from_file) + (load_charset_map_from_vector): Zero out allocated + charset_map_entries before using them. + 2010-02-27 Andreas Schwab * w32uniscribe.c (uniscribe_check_otf): Fix length check. diff -r 122dff72a8ee -r d8f04397b77a src/charset.c --- a/src/charset.c Sun Feb 28 12:36:39 2010 +0100 +++ b/src/charset.c Sun Feb 28 09:19:31 2010 -0500 @@ -531,6 +531,7 @@ SAFE_ALLOCA (head, struct charset_map_entries *, sizeof (struct charset_map_entries)); entries = head; + bzero (entries, sizeof (struct charset_map_entries)); n_entries = 0; eof = 0; @@ -557,6 +558,7 @@ SAFE_ALLOCA (entries->next, struct charset_map_entries *, sizeof (struct charset_map_entries)); entries = entries->next; + bzero (entries, sizeof (struct charset_map_entries)); } idx = n_entries % 0x10000; entries->entry[idx].from = from; @@ -596,6 +598,7 @@ SAFE_ALLOCA (head, struct charset_map_entries *, sizeof (struct charset_map_entries)); entries = head; + bzero (entries, sizeof (struct charset_map_entries)); n_entries = 0; for (i = 0; i < len; i += 2) @@ -632,6 +635,7 @@ SAFE_ALLOCA (entries->next, struct charset_map_entries *, sizeof (struct charset_map_entries)); entries = entries->next; + bzero (entries, sizeof (struct charset_map_entries)); } idx = n_entries % 0x10000; entries->entry[idx].from = from;