ruby-changes:34877
From: nobu <ko1@a...>
Date: Sat, 26 Jul 2014 19:06:54 +0900 (JST)
Subject: [ruby-changes:34877] nobu:r46960 (trunk): compile.c: check size
nobu 2014-07-26 19:06:49 +0900 (Sat, 26 Jul 2014) New Revision: 46960 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46960 Log: compile.c: check size * compile.c (compile_data_alloc): check allocation size and integer overflow. Modified files: trunk/compile.c Index: compile.c =================================================================== --- compile.c (revision 46959) +++ compile.c (revision 46960) @@ -595,13 +595,13 @@ compile_data_alloc(rb_iseq_t *iseq, size https://github.com/ruby/ruby/blob/trunk/compile.c#L595 struct iseq_compile_data_storage *storage = iseq->compile_data->storage_current; + if (size >= INT_MAX) rb_memerror(); if (storage->pos + size > storage->size) { - unsigned long alloc_size = storage->size * 2; + unsigned int alloc_size = storage->size; - retry: - if (alloc_size < size) { + while (alloc_size < size) { + if (alloc_size >= INT_MAX / 2) rb_memerror(); alloc_size *= 2; - goto retry; } storage->next = (void *)ALLOC_N(char, alloc_size + SIZEOF_ISEQ_COMPILE_DATA_STORAGE); -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
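Review bot: the new initializer `unsigned int alloc_size = storage->size;` drops the `* 2` that the removed `unsigned long alloc_size = storage->size * 2;` had, so the growth policy changes along with the overflow checks. When `size` is no larger than `storage->size` but `storage->pos + size > storage->size` still holds, the `while (alloc_size < size)` body never runs, and the next storage block is allocated at the same size as the current one instead of twice that. If unconditional doubling is still wanted, keep it and put the `alloc_size >= INT_MAX / 2` check in front of that first doubling as well. If same-size blocks are intended, the log entry should say so, since "check allocation size and integer overflow" does not cover it. Separately, the added `if (size >= INT_MAX) rb_memerror();` bounds `size` alone. The sum in `storage->pos + size > storage->size` is left as it was, and a short comment stating why `INT_MAX` is the limit and why that sum cannot wrap would make the guard easier to audit.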