[Emacs-diffs] master a37820a 2/6: Merge from origin/emacs-25

[Paul Eggert]

branch: master
commit a37820aef918cfaffbd1a74649e2a929f12c453b
Merge: 630f535 ee04aed
Author: Paul Eggert <address@hidden>
Commit: Paul Eggert <address@hidden>

    Merge from origin/emacs-25
    
    ee04aed Fix handling of buffer relocation in regex.c functions
    71ca4f6 Avoid relocating buffers while libxml2 reads its text
    1b3fc8a ; Remove redundant code in gmalloc.c
    9afea93 Attempt to catch reads from a buffer that is relocated
---
 src/gmalloc.c |    4 ----
 src/search.c  |    4 ++++
 src/xml.c     |   19 +++++++++++++++++--
 3 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/src/gmalloc.c b/src/gmalloc.c
index 33d424f..6ca35ec 100644
--- a/src/gmalloc.c
+++ b/src/gmalloc.c
@@ -35,10 +35,6 @@ License along with this library.  If not, see 
<http://www.gnu.org/licenses/>.
 #include <pthread.h>
 #endif
 
-#ifdef WINDOWSNT
-#include <w32heap.h>   /* for sbrk */
-#endif
-
 #ifdef emacs
 # include "lisp.h"
 #endif
diff --git a/src/search.c b/src/search.c
index bcb5ee9..127a57a 100644
--- a/src/search.c
+++ b/src/search.c
@@ -1226,6 +1226,8 @@ search_buffer (Lisp_Object string, ptrdiff_t pos, 
ptrdiff_t pos_byte,
                              ? &search_regs : &search_regs_1),
                             /* Don't allow match past current point */
                             pos_byte - BEGV_BYTE);
+         /* Update 'base' due to possible relocation inside re_search_2.  */
+         base = current_buffer->text->beg;
          if (val == -2)
            {
              matcher_overflow ();
@@ -1272,6 +1274,8 @@ search_buffer (Lisp_Object string, ptrdiff_t pos, 
ptrdiff_t pos_byte,
                             (NILP (Vinhibit_changing_match_data)
                              ? &search_regs : &search_regs_1),
                             lim_byte - BEGV_BYTE);
+         /* Update 'base' due to possible relocation inside re_search_2.  */
+         base = current_buffer->text->beg;
          if (val == -2)
            {
              matcher_overflow ();
diff --git a/src/xml.c b/src/xml.c
index 03e9053..7d61dc7 100644
--- a/src/xml.c
+++ b/src/xml.c
@@ -181,6 +181,7 @@ parse_region (Lisp_Object start, Lisp_Object end, 
Lisp_Object base_url,
   Lisp_Object result = Qnil;
   const char *burl = "";
   ptrdiff_t istart, iend, istart_byte, iend_byte;
+  unsigned char *buftext;
 
   xmlCheckVersion (LIBXML_VERSION);
 
@@ -200,18 +201,32 @@ parse_region (Lisp_Object start, Lisp_Object end, 
Lisp_Object base_url,
       burl = SSDATA (base_url);
     }
 
+  buftext = BYTE_POS_ADDR (istart_byte);
+#ifdef REL_ALLOC
+  /* Prevent ralloc.c from relocating the current buffer while libxml2
+     functions below read its text.  */
+  r_alloc_inhibit_buffer_relocation (1);
+#endif
   if (htmlp)
-    doc = htmlReadMemory ((char *) BYTE_POS_ADDR (istart_byte),
+    doc = htmlReadMemory ((char *)buftext,
                          iend_byte - istart_byte, burl, "utf-8",
                          HTML_PARSE_RECOVER|HTML_PARSE_NONET|
                          HTML_PARSE_NOWARNING|HTML_PARSE_NOERROR|
                          HTML_PARSE_NOBLANKS);
   else
-    doc = xmlReadMemory ((char *) BYTE_POS_ADDR (istart_byte),
+    doc = xmlReadMemory ((char *)buftext,
                         iend_byte - istart_byte, burl, "utf-8",
                         XML_PARSE_NONET|XML_PARSE_NOWARNING|
                         XML_PARSE_NOBLANKS |XML_PARSE_NOERROR);
 
+#ifdef REL_ALLOC
+  r_alloc_inhibit_buffer_relocation (0);
+#endif
+  /* If the assertion below fails, malloc was called inside the above
+     libxml2 functions, and ralloc.c caused relocation of buffer text,
+     so we could have read from unrelated memory.  */
+  eassert (buftext == BYTE_POS_ADDR (istart_byte));
+
   if (doc != NULL)
     {
       Lisp_Object r = Qnil;