diff options
author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-02-16 07:36:21 +0000 |
---|---|---|
committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-02-16 07:36:21 +0000 |
commit | 54cab0061e5f458b715f6f21b7f5f8769db61944 (patch) | |
tree | 08446b699c45f941da4b2f04a8533b018d99cdff | |
parent | 53859b791ddc95577e464418725c278e60b02afb (diff) |
merge revision(s) 61636: [Backport #14257]
string.c: out-of-bounds access
* string.c (rb_str_enumerate_lines): fix out-of-bounds access when
record separator is longer than the last element. [Bug #14257]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62421 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | string.c | 3 | ||||
-rw-r--r-- | version.h | 2 |
2 files changed, 3 insertions, 2 deletions
@@ -8015,7 +8015,8 @@ rb_str_enumerate_lines(int argc, VALUE *argv, VALUE str, VALUE ary) if (rsnewline) { pend = chomp_newline(subptr, pend, enc); } - else if (memcmp(pend - rslen, rsptr, rslen) == 0) { + else if (pend - subptr >= rslen && + memcmp(pend - rslen, rsptr, rslen) == 0) { pend -= rslen; } } @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.5.0" #define RUBY_RELEASE_DATE "2018-02-16" -#define RUBY_PATCHLEVEL 14 +#define RUBY_PATCHLEVEL 15 #define RUBY_RELEASE_YEAR 2018 #define RUBY_RELEASE_MONTH 2 |