ruby-changes:71707

https://git.ruby-lang.org/ruby.git/commit/?id=3fa771dded

From 3fa771ddedac25560be57f4055f1767e6c810f58 Mon Sep 17 00:00:00 2001
From: nagachika <nagachika@r...>
Date: Tue, 12 Apr 2022 20:08:08 +0900
Subject: Fix dtoa buffer overrun

---
 missing/dtoa.c          |  3 ++-
 test/ruby/test_float.rb | 18 ++++++++++++++++++
 version.h               |  2 +-
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/missing/dtoa.c b/missing/dtoa.c
index a940eabd91..b7a8302875 100644
--- a/missing/dtoa.c
+++ b/missing/dtoa.c
@@ -1552,6 +1552,7 @@ break2: https://github.com/ruby/ruby/blob/trunk/missing/dtoa.c#L1552
 	    if (!*++s || !(s1 = strchr(hexdigit, *s))) goto ret0;
 	    if (*s == '0') {
 		while (*++s == '0');
+		if (!*s) goto ret;
 		s1 = strchr(hexdigit, *s);
 	    }
 	    if (s1 != NULL) {
@@ -1574,7 +1575,7 @@ break2: https://github.com/ruby/ruby/blob/trunk/missing/dtoa.c#L1575
 		for (; *s && (s1 = strchr(hexdigit, *s)); ++s) {
 		    adj += aadj * ((s1 - hexdigit) & 15);
 		    if ((aadj /= 16) == 0.0) {
-			while (strchr(hexdigit, *++s));
+			while (*++s && strchr(hexdigit, *s));
 			break;
 		    }
 		}
diff --git a/test/ruby/test_float.rb b/test/ruby/test_float.rb
index fbf0d87f8e..b218b72db5 100644
--- a/test/ruby/test_float.rb
+++ b/test/ruby/test_float.rb
@@ -171,6 +171,24 @@ class TestFloat < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_float.rb#L171
       assert_raise(ArgumentError, n += z + "A") {Float(n)}
       assert_raise(ArgumentError, n += z + ".0") {Float(n)}
     end
+
+    x = nil
+    2000.times do
+      x = Float("0x"+"0"*30)
+      break unless x == 0.0
+    end
+    assert_equal(0.0, x, ->{"%a" % x})
+    x = nil
+    2000.times do
+      begin
+        x = Float("0x1."+"0"*270)
+      rescue ArgumentError => e
+        raise unless /"0x1\.0{270}"/ =~ e.message
+      else
+        break
+      end
+    end
+    assert_nil(x, ->{"%a" % x})
   end
 
   def test_divmod
diff --git a/version.h b/version.h
index 5aee8a7013..e00808d240 100644
--- a/version.h
+++ b/version.h
@@ -12,7 +12,7 @@ https://github.com/ruby/ruby/blob/trunk/version.h#L12
 # define RUBY_VERSION_MINOR RUBY_API_VERSION_MINOR
 #define RUBY_VERSION_TEENY 4
 #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR
-#define RUBY_PATCHLEVEL 207
+#define RUBY_PATCHLEVEL 208
 
 #define RUBY_RELEASE_YEAR 2022
 #define RUBY_RELEASE_MONTH 4
-- 
cgit v1.2.1


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/