ruby-changes:71704
From: NAKAMURA <ko1@a...>
Date: Tue, 12 Apr 2022 20:47:24 +0900 (JST)
Subject: [ruby-changes:71704] c9c2245c0a (ruby_2_7): Fix dtoa buffer overrun
https://git.ruby-lang.org/ruby.git/commit/?id=c9c2245c0a From c9c2245c0a25176072e02db9254f0e0c84c805cd Mon Sep 17 00:00:00 2001 From: NAKAMURA Usaku <usa@r...> Date: Tue, 12 Apr 2022 20:25:48 +0900 Subject: Fix dtoa buffer overrun --- missing/dtoa.c | 3 ++- test/ruby/test_float.rb | 18 ++++++++++++++++++ version.h | 4 ++-- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/missing/dtoa.c b/missing/dtoa.c index cbee13ee81..e82b60c2ce 100644 --- a/missing/dtoa.c +++ b/missing/dtoa.c @@ -1500,6 +1500,7 @@ break2: https://github.com/ruby/ruby/blob/trunk/missing/dtoa.c#L1500 if (!*++s || !(s1 = strchr(hexdigit, *s))) goto ret0; if (*s == '0') { while (*++s == '0'); + if (!*s) goto ret; s1 = strchr(hexdigit, *s); } if (s1 != NULL) { @@ -1522,7 +1523,7 @@ break2: https://github.com/ruby/ruby/blob/trunk/missing/dtoa.c#L1523 for (; *s && (s1 = strchr(hexdigit, *s)); ++s) { adj += aadj * ((s1 - hexdigit) & 15); if ((aadj /= 16) == 0.0) { - while (strchr(hexdigit, *++s)); + while (*++s && strchr(hexdigit, *s)); break; } } diff --git a/test/ruby/test_float.rb b/test/ruby/test_float.rb index 7cbf3b5a8f..9c24dac8e6 100644 --- a/test/ruby/test_float.rb +++ b/test/ruby/test_float.rb @@ -171,6 +171,24 @@ class TestFloat < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_float.rb#L171 assert_raise(ArgumentError, n += z + "A") {Float(n)} assert_raise(ArgumentError, n += z + ".0") {Float(n)} end + + x = nil + 2000.times do + x = Float("0x"+"0"*30) + break unless x == 0.0 + end + assert_equal(0.0, x, ->{"%a" % x}) + x = nil + 2000.times do + begin + x = Float("0x1."+"0"*270) + rescue ArgumentError => e + raise unless /"0x1\.0{270}"/ =~ e.message + else + break + end + end + assert_nil(x, ->{"%a" % x}) end def test_divmod diff --git a/version.h b/version.h index 957a689057..a03ae9c928 100644 --- a/version.h +++ b/version.h @@ -2,11 +2,11 @@ https://github.com/ruby/ruby/blob/trunk/version.h#L2 # define RUBY_VERSION_MINOR RUBY_API_VERSION_MINOR #define RUBY_VERSION_TEENY 6 #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR -#define RUBY_PATCHLEVEL 218 +#define RUBY_PATCHLEVEL 219 #define RUBY_RELEASE_YEAR 2022 #define RUBY_RELEASE_MONTH 4 -#define RUBY_RELEASE_DAY 7 +#define RUBY_RELEASE_DAY 12 #include "ruby/version.h" -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/