[前][次][番号順一覧][スレッド一覧]

ruby-changes:19786

From: yugui <ko1@a...>
Date: Tue, 31 May 2011 09:11:50 +0900 (JST)
Subject: [ruby-changes:19786] yugui:r31831 (ruby_1_9_2): merges r31441,r31442 and r31443 from trunk into ruby_1_9_2.

yugui	2011-05-31 09:11:35 +0900 (Tue, 31 May 2011)

  New Revision: 31831

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=31831

  Log:
    merges r31441,r31442 and r31443 from trunk into ruby_1_9_2.
    --
    YAML.load time correctly parse usecs smaller than 1 fixes #4571
    
    Signed-off-by: URABE, Shyouhei <shyouhei@r...>
    --
    ChangeLog for it
    --
    * ext/syck/rubyext.c (mktime_do): avoid buffer overrun, by
      silently ignoring lesser significant digits.  Required buffer
      length can be computable so you might at first think of
      allocating enough memory space on the fly using alloca().  That
      is a wrong idea because when using alloca there is always risk
      of integer overflow.  A function that accepts outer-process
      resources like this should not blindly trust its inputs.  In
      this particular case we just want to generate miliseconds
      resolution by strtod() so the string in question needs no more
      length than what we originally have.  Ignoring lesser
      significant digits should suffice I believe.

  Modified files:
    branches/ruby_1_9_2/ChangeLog
    branches/ruby_1_9_2/ext/syck/rubyext.c
    branches/ruby_1_9_2/version.h

Index: ruby_1_9_2/ChangeLog
===================================================================
--- ruby_1_9_2/ChangeLog	(revision 31830)
+++ ruby_1_9_2/ChangeLog	(revision 31831)
@@ -1,3 +1,22 @@
+Fri May  6 15:01:11 2011  URABE Shyouhei  <shyouhei@r...>
+
+	* ext/syck/rubyext.c (mktime_do): avoid buffer overrun, by
+	  silently ignoring lesser significant digits.  Required buffer
+	  length can be computable so you might at first think of
+	  allocating enough memory space on the fly using alloca().  That
+	  is a wrong idea because when using alloca there is always risk
+	  of integer overflow.  A function that accepts outer-process
+	  resources like this should not blindly trust its inputs.  In
+	  this particular case we just want to generate miliseconds
+	  resolution by strtod() so the string in question needs no more
+	  length than what we originally have.  Ignoring lesser
+	  significant digits should suffice I believe.
+
+Fri May  6 14:25:53 2011  Tinco Andringa <mail@t...>
+
+	* ext/syck/rubyext.c (mktime_do): YAML.load time correctly parse
+	  usecs smaller than 1 fixes #4571
+
 Thu May  5 17:36:31 2011  CHIKANAGA Tomoyuki  <nagachika00@g...>
 
 	* eval.c (frame_func_id): store result of method_entry_of_iseq() to
Index: ruby_1_9_2/ext/syck/rubyext.c
===================================================================
--- ruby_1_9_2/ext/syck/rubyext.c	(revision 31830)
+++ ruby_1_9_2/ext/syck/rubyext.c	(revision 31831)
@@ -225,7 +225,7 @@
     VALUE hour = INT2FIX(0);
     VALUE min = INT2FIX(0);
     VALUE sec = INT2FIX(0);
-    long usec;
+    double usec;
 
     /* Year*/
     if ( ptr[0] != '\0' && len > 0 ) {
@@ -271,19 +271,20 @@
     ptr += 2;
     if ( len > ptr - str && *ptr == '.' )
     {
-        char padded[] = "000000";
-        char *end = ptr + 1;
-        char *p = end;
+        char padded[] = "000000.000000";
+        const int padding = 6;
+        const int offset = padding + 1;
+        const char *end = ptr + 1;
+        const char *begin = end;
+        int length;
         while ( isdigit( *end ) ) end++;
-        if (end - p < sizeof(padded)) {
-            MEMCPY(padded, ptr + 1, char, end - (ptr + 1));
-            p = padded;
-        }
-        usec = strtol(p, NULL, 10);
+        length = (int)(end - begin) <= padding ? (int)(end - begin) : padding;
+        MEMCPY(padded, begin, char, length);
+        usec = strtod(padded, NULL);
     }
     else
     {
-        usec = 0;
+        usec = 0.0;
     }
 
     /* Time Zone*/
@@ -311,12 +312,12 @@
         time = rb_funcall(rb_cTime, s_utc, 6, year, mon, day, hour, min, sec);
         tmp = rb_funcall(time, s_to_i, 0);
         tmp = rb_funcall(tmp, '-', 1, LONG2FIX(tz_offset));
-        return rb_funcall(rb_cTime, s_at, 2, tmp, LONG2NUM(usec));
+        return rb_funcall(rb_cTime, s_at, 2, tmp, rb_float_new(usec));
     }
     else
     {
         /* Make UTC time*/
-        return rb_funcall(rb_cTime, s_utc, 7, year, mon, day, hour, min, sec, LONG2NUM(usec));
+        return rb_funcall(rb_cTime, s_utc, 7, year, mon, day, hour, min, sec, rb_float_new(usec));
     }
 }
 
Index: ruby_1_9_2/version.h
===================================================================
--- ruby_1_9_2/version.h	(revision 31830)
+++ ruby_1_9_2/version.h	(revision 31831)
@@ -1,5 +1,5 @@
 #define RUBY_VERSION "1.9.2"
-#define RUBY_PATCHLEVEL 248
+#define RUBY_PATCHLEVEL 249
 #define RUBY_VERSION_MAJOR 1
 #define RUBY_VERSION_MINOR 9
 #define RUBY_VERSION_TEENY 1

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]