ruby-changes:45855
From: naruse <ko1@a...>
Date: Mon, 13 Mar 2017 01:51:52 +0900 (JST)
Subject: [ruby-changes:45855] naruse:r57931 (ruby_2_4): merge revision(s) 57797, 57799, 57800: [Backport #13289]
naruse 2017-03-13 01:51:47 +0900 (Mon, 13 Mar 2017) New Revision: 57931 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57931 Log: merge revision(s) 57797,57799,57800: [Backport #13289] string.c: fix integer overflow * string.c (rb_str_subpos): fix integer overflow which can happen only when SHARABLE_MIDDLE_SUBSTRING is enabled. incorpolate https://github.com/mruby/mruby/commit/7db0786abdd243ba031e24683f string.c: fix integer overflow * string.c (str_byte_substr): fix another integer overflow which can happen only when SHARABLE_MIDDLE_SUBSTRING is enabled. [ruby-core:79951] [Bug #13289] string.c: negation of LONG_MIN * string.c (rb_str_update): do not use negation of LONG_MIN, which is negative too. Modified directories: branches/ruby_2_4/ Modified files: branches/ruby_2_4/string.c branches/ruby_2_4/test/ruby/test_string.rb branches/ruby_2_4/version.h Index: ruby_2_4/version.h =================================================================== --- ruby_2_4/version.h (revision 57930) +++ ruby_2_4/version.h (revision 57931) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/version.h#L1 #define RUBY_VERSION "2.4.0" #define RUBY_RELEASE_DATE "2017-03-13" -#define RUBY_PATCHLEVEL 86 +#define RUBY_PATCHLEVEL 87 #define RUBY_RELEASE_YEAR 2017 #define RUBY_RELEASE_MONTH 3 Index: ruby_2_4/string.c =================================================================== --- ruby_2_4/string.c (revision 57930) +++ ruby_2_4/string.c (revision 57931) @@ -2316,7 +2316,7 @@ rb_str_subpos(VALUE str, long beg, long https://github.com/ruby/ruby/blob/trunk/ruby_2_4/string.c#L2316 beg += blen; if (beg < 0) return 0; } - if (beg + len > blen) + if (len > blen - beg) len = blen - beg; if (len < 0) return 0; p = s + beg; @@ -4365,12 +4365,14 @@ rb_str_update(VALUE str, long beg, long https://github.com/ruby/ruby/blob/trunk/ruby_2_4/string.c#L4365 rb_raise(rb_eIndexError, "index %ld out of string", beg); } if (beg < 0) { - if (-beg > slen) { + if (beg + slen < 0) { goto out_of_range; } beg += slen; } - if (slen < len || slen < beg + len) { + assert(beg >= 0); + assert(beg <= slen); + if (len > slen - beg) { len = slen - beg; } str_modify_keep_cr(str); @@ -5184,7 +5186,7 @@ str_byte_substr(VALUE str, long beg, lon https://github.com/ruby/ruby/blob/trunk/ruby_2_4/string.c#L5186 beg += n; if (beg < 0) return Qnil; } - if (beg + len > n) + if (len > n - beg) len = n - beg; if (len <= 0) { if (!empty) return Qnil; Index: ruby_2_4/test/ruby/test_string.rb =================================================================== --- ruby_2_4/test/ruby/test_string.rb (revision 57930) +++ ruby_2_4/test/ruby/test_string.rb (revision 57931) @@ -202,6 +202,8 @@ CODE https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/ruby/test_string.rb#L202 assert_equal("fobar", s) assert_raise(ArgumentError) { "foo"[1, 2, 3] = "" } + + assert_raise(IndexError) {"foo"[RbConfig::Limits["LONG_MIN"]] = "l"} end def test_CMP # '<=>' Property changes on: ruby_2_4 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r57797,57799-57800 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/