[PATCH] Fix a case where the value returned by SS() was assigned to an int

From: <wjenk....at.inode.at>
Date: Thu, 06 Jan 2011 19:30:50 +0100

# HG changeset patch
# User wjenkner
# Date 1294254079 -3600
# Branch fix
# Node ID bb4b8c34784b2564e549b2485607955dc1284c55
# Parent 4fe8f8aa3ca71063082120de36eee52ad0db4d76
Fix a case where the value returned by SS() was assigned to an int.

The return value holds a pointer when SCI_GETDIRECTPOINTER is passed.
In particular, FreeBSD/amd64 segfaulted in the buffer_new handler
when dereferencing such a truncated buffer.direct_pointer.

diff -r 4fe8f8aa3ca7 -r bb4b8c34784b src/textadept.c
--- a/src/textadept.c Sun Jan 02 21:32:46 2011 -0500
+++ b/src/textadept.c Wed Jan 05 20:01:19 2011 +0100
@@ -1551,7 +1551,7 @@
   }
 
   // Send the message to Scintilla and return the appropriate values.
- int result = SS(editor, msg, params[0], params[1]);
+ sptr_t result = SS(editor, msg, params[0], params[1]);
   arg = lua_gettop(lua);
   if (string_return) lua_pushlstring(lua, return_string, len);
   if (rt_type == tBOOL) lua_pushboolean(lua, result);
Received on Thu 06 Jan 2011 - 13:30:50 EST

This archive was generated by hypermail 2.2.0 : Thu 08 Mar 2012 - 11:58:14 EST