ruby-changes:44076
From: nobu <ko1@a...>
Date: Tue, 13 Sep 2016 17:13:00 +0900 (JST)
Subject: [ruby-changes:44076] nobu:r56149 (trunk): string.c: fix integer overflow
nobu 2016-09-13 17:12:54 +0900 (Tue, 13 Sep 2016) New Revision: 56149 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=56149 Log: string.c: fix integer overflow * string.c (rb_str_change_terminator_length): fix integer overflow in the case growing the terminator length and the string length is around LONG_MAX. Modified files: trunk/string.c Index: string.c =================================================================== --- string.c (revision 56148) +++ string.c (revision 56149) @@ -2054,7 +2054,8 @@ rb_str_change_terminator_length(VALUE st https://github.com/ruby/ruby/blob/trunk/string.c#L2054 long capa = str_capacity(str, oldtermlen); long len = RSTRING_LEN(str); - if (capa < len + termlen - oldtermlen) { + assert(capa >= len); + if (capa - len < termlen - oldtermlen) { rb_check_lockedtmp(str); str_make_independent_expand(str, len, 0L, termlen); } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/