ruby-changes:19786
From: yugui <ko1@a...>
Date: Tue, 31 May 2011 09:11:50 +0900 (JST)
Subject: [ruby-changes:19786] yugui:r31831 (ruby_1_9_2): merges r31441,r31442 and r31443 from trunk into ruby_1_9_2.
yugui 2011-05-31 09:11:35 +0900 (Tue, 31 May 2011) New Revision: 31831 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=31831 Log: merges r31441,r31442 and r31443 from trunk into ruby_1_9_2. -- YAML.load time correctly parse usecs smaller than 1 fixes #4571 Signed-off-by: URABE, Shyouhei <shyouhei@r...> -- ChangeLog for it -- * ext/syck/rubyext.c (mktime_do): avoid buffer overrun, by silently ignoring lesser significant digits. Required buffer length can be computable so you might at first think of allocating enough memory space on the fly using alloca(). That is a wrong idea because when using alloca there is always risk of integer overflow. A function that accepts outer-process resources like this should not blindly trust its inputs. In this particular case we just want to generate miliseconds resolution by strtod() so the string in question needs no more length than what we originally have. Ignoring lesser significant digits should suffice I believe. Modified files: branches/ruby_1_9_2/ChangeLog branches/ruby_1_9_2/ext/syck/rubyext.c branches/ruby_1_9_2/version.h Index: ruby_1_9_2/ChangeLog =================================================================== --- ruby_1_9_2/ChangeLog (revision 31830) +++ ruby_1_9_2/ChangeLog (revision 31831) @@ -1,3 +1,22 @@ +Fri May 6 15:01:11 2011 URABE Shyouhei <shyouhei@r...> + + * ext/syck/rubyext.c (mktime_do): avoid buffer overrun, by + silently ignoring lesser significant digits. Required buffer + length can be computable so you might at first think of + allocating enough memory space on the fly using alloca(). That + is a wrong idea because when using alloca there is always risk + of integer overflow. A function that accepts outer-process + resources like this should not blindly trust its inputs. In + this particular case we just want to generate miliseconds + resolution by strtod() so the string in question needs no more + length than what we originally have. Ignoring lesser + significant digits should suffice I believe. + +Fri May 6 14:25:53 2011 Tinco Andringa <mail@t...> + + * ext/syck/rubyext.c (mktime_do): YAML.load time correctly parse + usecs smaller than 1 fixes #4571 + Thu May 5 17:36:31 2011 CHIKANAGA Tomoyuki <nagachika00@g...> * eval.c (frame_func_id): store result of method_entry_of_iseq() to Index: ruby_1_9_2/ext/syck/rubyext.c =================================================================== --- ruby_1_9_2/ext/syck/rubyext.c (revision 31830) +++ ruby_1_9_2/ext/syck/rubyext.c (revision 31831) @@ -225,7 +225,7 @@ VALUE hour = INT2FIX(0); VALUE min = INT2FIX(0); VALUE sec = INT2FIX(0); - long usec; + double usec; /* Year*/ if ( ptr[0] != '\0' && len > 0 ) { @@ -271,19 +271,20 @@ ptr += 2; if ( len > ptr - str && *ptr == '.' ) { - char padded[] = "000000"; - char *end = ptr + 1; - char *p = end; + char padded[] = "000000.000000"; + const int padding = 6; + const int offset = padding + 1; + const char *end = ptr + 1; + const char *begin = end; + int length; while ( isdigit( *end ) ) end++; - if (end - p < sizeof(padded)) { - MEMCPY(padded, ptr + 1, char, end - (ptr + 1)); - p = padded; - } - usec = strtol(p, NULL, 10); + length = (int)(end - begin) <= padding ? (int)(end - begin) : padding; + MEMCPY(padded, begin, char, length); + usec = strtod(padded, NULL); } else { - usec = 0; + usec = 0.0; } /* Time Zone*/ @@ -311,12 +312,12 @@ time = rb_funcall(rb_cTime, s_utc, 6, year, mon, day, hour, min, sec); tmp = rb_funcall(time, s_to_i, 0); tmp = rb_funcall(tmp, '-', 1, LONG2FIX(tz_offset)); - return rb_funcall(rb_cTime, s_at, 2, tmp, LONG2NUM(usec)); + return rb_funcall(rb_cTime, s_at, 2, tmp, rb_float_new(usec)); } else { /* Make UTC time*/ - return rb_funcall(rb_cTime, s_utc, 7, year, mon, day, hour, min, sec, LONG2NUM(usec)); + return rb_funcall(rb_cTime, s_utc, 7, year, mon, day, hour, min, sec, rb_float_new(usec)); } } Index: ruby_1_9_2/version.h =================================================================== --- ruby_1_9_2/version.h (revision 31830) +++ ruby_1_9_2/version.h (revision 31831) @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.2" -#define RUBY_PATCHLEVEL 248 +#define RUBY_PATCHLEVEL 249 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 9 #define RUBY_VERSION_TEENY 1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/