ruby-changes:32316
From: nobu <ko1@a...>
Date: Wed, 25 Dec 2013 01:44:53 +0900 (JST)
Subject: [ruby-changes:32316] nobu:r44395 (trunk): ossl.c: integer overflow
nobu 2013-12-25 01:44:49 +0900 (Wed, 25 Dec 2013) New Revision: 44395 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=44395 Log: ossl.c: integer overflow * ext/openssl/ossl.c (string2hex): fix signed integer overflow. [ruby-core:51711] [Bug #7744] [Fixes GH-242] Modified files: trunk/ext/openssl/ossl.c Index: ext/openssl/ossl.c =================================================================== --- ext/openssl/ossl.c (revision 44394) +++ ext/openssl/ossl.c (revision 44395) @@ -18,11 +18,12 @@ int https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.c#L18 string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len) { static const char hex[]="0123456789abcdef"; - int i, len = 2 * buf_len; + int i, len; - if (buf_len < 0 || len < buf_len) { /* PARANOIA? */ + if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */ return -1; } + len = 2 * buf_len; if (!hexbuf) { /* if no buf, return calculated len */ if (hexbuf_len) { *hexbuf_len = len; -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
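Review bot: the /* PARANOIA? */ comment kept on the rewritten condition in string2hex no longer fits, because "buf_len > INT_MAX / 2" is now the only thing that keeps "len = 2 * buf_len" inside the range of int. The removed test "len < buf_len" could only fire after the multiplication had already overflowed, which is undefined behaviour for a signed int, so a compiler was free to drop it. Suggest replacing the comment with one that states the purpose, for example /* 2 * buf_len must fit in int */. The hunk uses INT_MAX without adding an include, so please confirm that <limits.h> is already pulled in by the headers ossl.c includes. Since buf_len and *hexbuf_len are both int, the bound is correct for the types shown; a follow-up could consider whether size_t or long would suit the lengths better.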