ruby-changes:32803
From: nobu <ko1@a...>
Date: Sat, 8 Feb 2014 01:21:02 +0900 (JST)
Subject: [ruby-changes:32803] nobu:r44882 (trunk): ruby.c: check argc
nobu 2014-02-08 01:20:55 +0900 (Sat, 08 Feb 2014) New Revision: 44882 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=44882 Log: ruby.c: check argc * ruby.c (proc_options): check argc before dereference of argv, to get rid of potential out-of-bound access. Modified files: trunk/ruby.c Index: ruby.c =================================================================== --- ruby.c (revision 44881) +++ ruby.c (revision 44882) @@ -897,11 +897,9 @@ proc_options(long argc, char **argv, str https://github.com/ruby/ruby/blob/trunk/ruby.c#L897 if (envopt) goto noenvopt; forbid_setid("-e"); if (!*++s) { - s = argv[1]; - argc--, argv++; - } - if (!s) { - rb_raise(rb_eRuntimeError, "no code specified for -e"); + if (!--argc) + rb_raise(rb_eRuntimeError, "no code specified for -e"); + s = *++argv; } if (!opt->e_script) { opt->e_script = rb_str_new(0, 0); @@ -917,7 +915,7 @@ proc_options(long argc, char **argv, str https://github.com/ruby/ruby/blob/trunk/ruby.c#L915 if (*++s) { add_modules(&opt->req_list, s); } - else if (argv[1]) { + else if (argc > 1) { add_modules(&opt->req_list, argv[1]); argc--, argv++; } @@ -941,12 +939,7 @@ proc_options(long argc, char **argv, str https://github.com/ruby/ruby/blob/trunk/ruby.c#L939 case 'C': case 'X': if (envopt) goto noenvopt; - s++; - if (!*s) { - s = argv[1]; - argc--, argv++; - } - if (!s || !*s) { + if (!*++s && (!--argc || !(s = *++argv) || !*s)) { rb_fatal("Can't chdir"); } if (chdir(s) < 0) { @@ -1017,7 +1010,7 @@ proc_options(long argc, char **argv, str https://github.com/ruby/ruby/blob/trunk/ruby.c#L1010 forbid_setid("-I"); if (*++s) ruby_incpush_expand(s); - else if (argv[1]) { + else if (argc > 1) { ruby_incpush_expand(argv[1]); argc--, argv++; } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/