diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-10-08 03:36:54 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-10-08 03:36:54 +0000 |
commit | 116fee990e95bf7024d15ca816c1dce4e4ea419c (patch) | |
tree | 28585f0e2fab7921f475df3db56f86323acbd288 | |
parent | e6b852a2fa7b18fcf20f39e492d75c637e55e80d (diff) |
* pack.c (pack_pack): pointer modification check before each
iteration. [ruby-dev:24445]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7015 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | pack.c | 3 |
2 files changed, 8 insertions, 0 deletions
@@ -1,3 +1,8 @@ +Fri Oct 8 09:49:32 2004 Yukihiro Matsumoto <matz@ruby-lang.org> + + * pack.c (pack_pack): pointer modification check before each + iteration. [ruby-dev:24445] + Fri Oct 8 01:13:05 2004 Hidetoshi NAGAI <nagai@ai.kyutech.ac.jp> * ext/tk/lib/tk/optiondb.rb: make it more secure @@ -499,6 +499,9 @@ pack_pack(ary, fmt) #define NEXTFROM (items-- > 0 ? RARRAY(ary)->ptr[idx++] : (rb_raise(rb_eArgError, toofew),0)) while (p < pend) { + if (RSTRING(fmt)->ptr + RSTRING(fmt)->len != pend) { + rb_raise(rb_eRuntimeError, "format string modified"); + } type = *p++; /* get data type */ #ifdef NATINT_PACK natint = 0; |