ruby-changes:10916
From: akr <ko1@a...>
Date: Sun, 22 Feb 2009 02:04:36 +0900 (JST)
Subject: [ruby-changes:10916] Ruby:r22491 (trunk): * ext/socket/ancdata.c (bsock_recvmsg_internal): check max length
akr 2009-02-22 02:04:22 +0900 (Sun, 22 Feb 2009) New Revision: 22491 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=22491 Log: * ext/socket/ancdata.c (bsock_recvmsg_internal): check max length overflow. Modified files: trunk/ChangeLog trunk/ext/socket/ancdata.c Index: ChangeLog =================================================================== --- ChangeLog (revision 22490) +++ ChangeLog (revision 22491) @@ -1,3 +1,8 @@ +Sun Feb 22 02:03:46 2009 Tanaka Akira <akr@f...> + + * ext/socket/ancdata.c (bsock_recvmsg_internal): check max length + overflow. + Sun Feb 22 01:52:30 2009 Tanaka Akira <akr@f...> * ext/socket/ancdata.c (bsock_recvmsg_internal): don't call Index: ext/socket/ancdata.c =================================================================== --- ext/socket/ancdata.c (revision 22490) +++ ext/socket/ancdata.c (revision 22491) @@ -1313,6 +1313,8 @@ int grown = 0; #if defined(HAVE_ST_MSG_CONTROL) if (NIL_P(vmaxdatlen) && (mh.msg_flags & MSG_TRUNC)) { + if (SIZE_MAX/2 < maxdatlen) + rb_raise(rb_eArgError, "max data length too big"); maxdatlen *= 2; grown = 1; } @@ -1328,6 +1330,8 @@ } } else { + if (SIZE_MAX/2 < maxctllen) + rb_raise(rb_eArgError, "max control message length too big"); maxctllen *= 2; grown = 1; } @@ -1335,6 +1339,8 @@ } #else if (NIL_P(vmaxdatlen) && ss != -1 && ss == iov.iov_len) { + if (SIZE_MAX/2 < maxdatlen) + rb_raise(rb_eArgError, "max data length too big"); maxdatlen *= 2; grown = 1; } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/