ruby-changes:50306
From: naruse <ko1@a...>
Date: Fri, 16 Feb 2018 16:36:26 +0900 (JST)
Subject: [ruby-changes:50306] naruse:r62421 (ruby_2_5): merge revision(s) 61636: [Backport #14257]
naruse 2018-02-16 16:36:21 +0900 (Fri, 16 Feb 2018) New Revision: 62421 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=62421 Log: merge revision(s) 61636: [Backport #14257] string.c: out-of-bounds access * string.c (rb_str_enumerate_lines): fix out-of-bounds access when record separator is longer than the last element. [Bug #14257] Modified directories: branches/ruby_2_5/ Modified files: branches/ruby_2_5/string.c branches/ruby_2_5/version.h Index: ruby_2_5/version.h =================================================================== --- ruby_2_5/version.h (revision 62420) +++ ruby_2_5/version.h (revision 62421) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_5/version.h#L1 #define RUBY_VERSION "2.5.0" #define RUBY_RELEASE_DATE "2018-02-16" -#define RUBY_PATCHLEVEL 14 +#define RUBY_PATCHLEVEL 15 #define RUBY_RELEASE_YEAR 2018 #define RUBY_RELEASE_MONTH 2 Index: ruby_2_5/string.c =================================================================== --- ruby_2_5/string.c (revision 62420) +++ ruby_2_5/string.c (revision 62421) @@ -8015,7 +8015,8 @@ rb_str_enumerate_lines(int argc, VALUE * https://github.com/ruby/ruby/blob/trunk/ruby_2_5/string.c#L8015 if (rsnewline) { pend = chomp_newline(subptr, pend, enc); } - else if (memcmp(pend - rslen, rsptr, rslen) == 0) { + else if (pend - subptr >= rslen && + memcmp(pend - rslen, rsptr, rslen) == 0) { pend -= rslen; } } Index: ruby_2_5 =================================================================== --- ruby_2_5 (revision 62420) +++ ruby_2_5 (revision 62421) Property changes on: ruby_2_5 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /trunk:r61636 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/