# HG changeset patch
# User Kenichi Handa
# Date 898475097 0
# Node ID e4bcb7cb0038de2e2d72ebdc5e9df1a464dc02f6
# Parent fd9324c5a498f6243caf36eab777f5db2731d319
(read_process_output): While processing carryover, check the size of p->decoding_buf.
diff -r fd9324c5a498 -r e4bcb7cb0038 src/process.c
--- a/src/process.c Sun Jun 21 14:52:08 1998 +0000
+++ b/src/process.c Mon Jun 22 00:24:57 1998 +0000
@@ -2855,13 +2855,19 @@
 carryover = nbytes - coding->consumed;
 if (carryover > 0)
 {
- /* We must move the data carried over to the tail of
- decoding buffer. We are sure that the size of decoding
- buffer (decided by decoding_buffer_size) is large enough
- to contain them. */
- bcopy (chars + nbytes - carryover,
- (XSTRING (p->decoding_buf)->data
- + STRING_BYTES (XSTRING (p->decoding_buf)) - carryover),
+ /* Copy the carryover bytes to the end of p->decoding_buf, to
+ be processed on the next read. Since decoding_buffer_size
+ asks for an extra amount of space beyond the maximum
+ expected for the output, there should always be sufficient
+ space for the carryover (which is by definition a sequence
+ of bytes that was not long enough to be decoded, and thus
+ has a bounded length). */
+ if (STRING_BYTES (XSTRING (p->decoding_buf))
+ < coding->produced + carryover)
+ abort ();
+ bcopy (chars + coding->consumed,
+ XSTRING (p->decoding_buf)->data
+ + STRING_BYTES (XSTRING (p->decoding_buf)) - carryover,
+ carryover);
 XSETINT (p->decoding_carryover, carryover);
 }
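Review bot: The new guard ends in `abort ();`, so if the sizing assumption described in the comment ever fails, bytes read from an external process terminate the whole session rather than only this read. Stopping before the `bcopy` is the right direction, because with a too-small `p->decoding_buf` the destination would either overlap the `coding->produced` decoded bytes or start before the string data. If signalling is safe at this point in read_process_output (the function begins and ends outside the hunk, so that cannot be confirmed here), a recoverable failure such as `error ("Decoding buffer too small for carryover");` would contain the fault. Otherwise the comment should say that the abort is a deliberate fail-stop, e.g. `/* Fail-stop: the carryover must not overlap the decoded output. */`.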