From 47ea7f442f7d85f29b7200ada8755e6ebf5c0819 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 12 Jul 2011 18:04:29 -0700
Subject: [PATCH] * alloc.c (gc_sweep): Don't read past end of array.

In theory, the old code could also have corrupted Emacs internals,
though it'd be very unlikely.
---
 src/ChangeLog | 6 ++++++
 src/alloc.c   | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 07c707eacd..386ed435b2 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2011-07-13  Paul Eggert  <eggert@cs.ucla.edu>
+
+	* alloc.c (gc_sweep): Don't read past end of array.
+	In theory, the old code could also have corrupted Emacs internals,
+	though it'd be very unlikely.
+
 2011-07-12  Andreas Schwab  <schwab@linux-m68k.org>
 
 	* character.c (Fcharacterp): Don't advertise optional ignored
diff --git a/src/alloc.c b/src/alloc.c
index 6ba080c0b4..44f935c243 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -5733,7 +5733,7 @@ gc_sweep (void)
 	int ilim = (lim + BITS_PER_INT - 1) / BITS_PER_INT;
 
 	/* Scan the mark bits an int at a time.  */
-	for (i = 0; i <= ilim; i++)
+	for (i = 0; i < ilim; i++)
 	  {
 	    if (cblk->gcmarkbits[i] == -1)
 	      {
-- 
2.20.1