ruby-changes:1855
From: ko1@a...
Date: 5 Sep 2007 22:37:26 +0900
Subject: [ruby-changes:1855] matz - Ruby:r13346 (trunk): * array.c (rb_ary_subseq): need integer overflow check.
matz 2007-09-05 22:37:18 +0900 (Wed, 05 Sep 2007)
New Revision: 13346
Modified files:
trunk/ChangeLog
trunk/array.c
Log:
* array.c (rb_ary_subseq): need integer overflow check.
[ruby-dev:31736]
* array.c (rb_ary_splice): ditto. [ruby-dev:31737]
* array.c (rb_ary_fill): ditto. [ruby-dev:31738]
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/array.c?r1=13346&r2=13345
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ChangeLog?r1=13346&r2=13345
Index: array.c
===================================================================
--- array.c (revision 13345)
+++ array.c (revision 13346)
@@ -683,10 +683,8 @@
if (beg > RARRAY_LEN(ary)) return Qnil;
if (beg < 0 || len < 0) return Qnil;
- if (beg + len > RARRAY_LEN(ary)) {
+ if (RARRAY_LEN(ary) < len || RARRAY_LEN(ary) < beg + len) {
len = RARRAY_LEN(ary) - beg;
- if (len < 0)
- len = 0;
}
klass = rb_obj_class(ary);
if (len == 0) return ary_new(klass, 0);
@@ -994,7 +992,7 @@
rb_raise(rb_eIndexError, "index %ld out of array", beg);
}
}
- if (beg + len > RARRAY_LEN(ary)) {
+ if (RARRAY_LEN(ary) < len || RARRAY_LEN(ary) < beg + len) {
len = RARRAY_LEN(ary) - beg;
}
@@ -2140,7 +2138,10 @@
rb_ary_modify(ary);
ary_iter_check(ary);
end = beg + len;
- if (end > RARRAY_LEN(ary)) {
+ if (end < 0) {
+ rb_raise(rb_eArgError, "argument too big");
+ }
+ if (RARRAY_LEN(ary) < end) {
if (end >= ARY_CAPA(ary)) {
RESIZE_CAPA(ary, end);
}
Index: ChangeLog
===================================================================
--- ChangeLog (revision 13345)
+++ ChangeLog (revision 13346)
@@ -1,5 +1,12 @@
Wed Sep 5 22:02:27 2007 Yukihiro Matsumoto <matz@r...>
+ * array.c (rb_ary_subseq): need integer overflow check.
+ [ruby-dev:31736]
+
+ * array.c (rb_ary_splice): ditto. [ruby-dev:31737]
+
+ * array.c (rb_ary_fill): ditto. [ruby-dev:31738]
+
* string.c (rb_str_splice): integer overflow for length.
[ruby-dev:31739]
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml