* parse.y (read_escape): deny zero-width hexadecimal character.

  (ruby-bugs-ja:PR#260)

* parse.y (tokadd_escape): ditto.

* regex.c (re_compile_pattern): ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@2568 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 19 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 4ec7f2f775..3d63261eef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Fri Jun 14 15:22:19 2002  Nobuyoshi Nakada  <nobu.nokada@softhome.net>
+
+	* parse.y (read_escape): deny zero-width hexadecimal character.
+	  (ruby-bugs-ja:PR#260)
+
+	* parse.y (tokadd_escape): ditto.
+
+	* regex.c (re_compile_pattern): ditto.
+
 Thu Jun 13 09:43:37 2002  Yukihiro Matsumoto  <matz@ruby-lang.org>
 
 	* eval.c (svalue_to_avalue): v may be Qundef.  This fix was
diff --git a/parse.y b/parse.y
index a200f0b14e..e4f4627dc9 100644
--- a/parse.y
+++ b/parse.y
@@ -2416,6 +2416,10 @@ read_escape()
 	    int numlen;
 
 	    c = scan_hex(lex_p, 2, &numlen);
+	    if (numlen == 0) {
+		yyerror("Invalid escape character syntax");
+		return 0;
+	    }
 	    lex_p += numlen;
 	}
 	return c;
@@ -2501,6 +2505,10 @@ tokadd_escape(term)
 	    tokadd('\\');
 	    tokadd(c);
 	    scan_hex(lex_p, 2, &numlen);
+	    if (numlen == 0) {
+		yyerror("Invalid escape character syntax");
+		return -1;
+	    }
 	    while (numlen--)
 		tokadd(nextc());
 	}
diff --git a/regex.c b/regex.c
index 715eea2949..9cb4b75c93 100644
--- a/regex.c
+++ b/regex.c
@@ -1531,6 +1531,7 @@ re_compile_pattern(pattern, size, bufp)
 
 	  case 'x':
 	    c = scan_hex(p, 2, &numlen);
+	    if (numlen == 0) goto invalid_escape;
 	    p += numlen;
 	    had_num_literal = 1;
 	    break;
@@ -2248,6 +2249,7 @@ re_compile_pattern(pattern, size, bufp)
       case 'x':
 	had_mbchar = 0;
 	c = scan_hex(p, 2, &numlen);
+	if (numlen == 0) goto invalid_escape;
 	p += numlen;
 	had_num_literal = 1;
 	goto numeric_char;