[k-takata/Onigmo] Fix out-of-bounds read in parse_char_class()

(Close https://github.com/k-takata/Onigmo/pull/139) /[\x{111111}]/ causes out-of-bounds read when encoding is a single byte encoding. \x{111111} is an invalid codepoint for a single byte encoding. Check if it is a valid codepoint. https://github.com/k-takata/Onigmo/commit/d4cf99d30b
author: K.Takata <kentkt@csc.jp> 2019-08-01 21:27:51 +0900
committer: Nobuyoshi Nakada <nobu@ruby-lang.org> 2026-01-12 20:01:43 +0900
commit: 81c13349049a3674819842e87b14cf35b8755392 (patch)
tree: a79db77889d99127f59d674668ddba0a4dec4317
parent: 16086128ccb5fa9133ef57c0e16bd9eaa82d818c (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/regenc.c b/regenc.c
index ff2155aabc..c561cee29d 100644
--- a/regenc.c
+++ b/regenc.c
@@ -640,18 +640,23 @@ onigenc_single_byte_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED,
 }
 
 extern int
-onigenc_single_byte_code_to_mbclen(OnigCodePoint code ARG_UNUSED, OnigEncoding enc ARG_UNUSED)
+onigenc_single_byte_code_to_mbclen(OnigCodePoint code, OnigEncoding enc ARG_UNUSED)
 {
+  if (code > 0xff)
+    return ONIGERR_INVALID_CODE_POINT_VALUE;
   return 1;
 }
 
 extern int
 onigenc_single_byte_code_to_mbc(OnigCodePoint code, UChar *buf, OnigEncoding enc ARG_UNUSED)
 {
+  if (code > 0xff) {
 #ifdef RUBY
-  if (code > 0xff)
     rb_raise(rb_eRangeError, "%u out of char range", code);
+#else
+    return ONIGERR_INVALID_CODE_POINT_VALUE;
 #endif
+  }
   *buf = (UChar )(code & 0xff);
   return 1;
 }
author	K.Takata <kentkt@csc.jp>	2019-08-01 21:27:51 +0900
committer	Nobuyoshi Nakada <nobu@ruby-lang.org>	2026-01-12 20:01:43 +0900
commit	81c13349049a3674819842e87b14cf35b8755392 (patch)
tree	a79db77889d99127f59d674668ddba0a4dec4317
parent	16086128ccb5fa9133ef57c0e16bd9eaa82d818c (diff)