[前][次][番号順一覧][スレッド一覧]

ruby-changes:49521

From: nobu <ko1@a...>
Date: Sat, 6 Jan 2018 17:44:23 +0900 (JST)
Subject: [ruby-changes:49521] nobu:r61636 (trunk): string.c: out-of-bounds access

nobu	2018-01-06 17:44:17 +0900 (Sat, 06 Jan 2018)

  New Revision: 61636

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=61636

  Log:
    string.c: out-of-bounds access
    
    * string.c (rb_str_enumerate_lines): fix out-of-bounds access when
      record separator is longer than the last element.  [Bug #14257]

  Modified files:
    trunk/string.c
Index: string.c
===================================================================
--- string.c	(revision 61635)
+++ string.c	(revision 61636)
@@ -8026,7 +8026,8 @@ rb_str_enumerate_lines(int argc, VALUE * https://github.com/ruby/ruby/blob/trunk/string.c#L8026
 	    if (rsnewline) {
 		pend = chomp_newline(subptr, pend, enc);
 	    }
-	    else if (memcmp(pend - rslen, rsptr, rslen) == 0) {
+	    else if (pend - subptr >= rslen &&
+		     memcmp(pend - rslen, rsptr, rslen) == 0) {
 		pend -= rslen;
 	    }
 	}

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]