summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authornaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-25 09:45:22 +0000
committernaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-25 09:45:22 +0000
commit05c631eefd55b1faaaa5b46e31e26945e2d77b1d (patch)
tree354ba3f2cdee83094f4e37cabfd77a703c30f0be
parentcf2792d59191424ee7875b5cc96fe31facce2471 (diff)
* regparse.c (fetch_token_in_cc): raise error if given octal escaped
character is too big. [Bug #12420] [Bug #12423] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55163 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog5
-rw-r--r--regparse.c2
-rw-r--r--test/ruby/test_regexp.rb2
3 files changed, 8 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index d06c00c651..a36b9313a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed May 25 18:30:53 2016 NARUSE, Yui <naruse@ruby-lang.org>
+
+ * regparse.c (fetch_token_in_cc): raise error if given octal escaped
+ character is too big. [Bug #12420] [Bug #12423]
+
Wed May 25 17:45:15 2016 Kazuki Yamaguchi <k@rhe.jp>
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.
diff --git a/regparse.c b/regparse.c
index f405f5481b..2924601bc2 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3229,7 +3229,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
PUNFETCH;
prev = p;
num = scan_unsigned_octal_number(&p, end, 3, enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
if (p == prev) { /* can't read nothing. */
num = 0; /* but, it's not error */
}
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index 85e78383b0..66e2802a23 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -439,6 +439,8 @@ class TestRegexp < Test::Unit::TestCase
assert_equal(arg_encoding_none, Regexp.new("", nil, "N").options)
assert_raise(RegexpError) { Regexp.new(")(") }
+ assert_raise(RegexpError) { Regexp.new('[\\40000000000') }
+ assert_raise(RegexpError) { Regexp.new('[\\600000000000.') }
end
def test_unescape