summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2008-06-07 16:50:57 +0000
committershyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2008-06-07 16:50:57 +0000
commitb296c4818c5b42fd11675f6cc8082be1a19e13bc (patch)
tree4472d054781615c68f99b564b272be9172c841cb
parent56f39ded333293a4489cd0eb0b75e3801fd57a9c (diff)
merge revision(s) 13699:13704:
* marshal.c (r_bytes0): refined length check. [ruby-dev:32059] * marshal.c (r_bytes0): check if source has enough data. [ruby-dev:32054] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@16903 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog9
-rw-r--r--marshal.c4
-rw-r--r--test/ruby/test_marshal.rb20
-rw-r--r--version.h2
4 files changed, 32 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 84fd407..2e1753e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Sun Jun 8 01:50:07 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * marshal.c (r_bytes0): refined length check. [ruby-dev:32059]
+
+Sun Jun 8 01:50:07 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * marshal.c (r_bytes0): check if source has enough data.
+ [ruby-dev:32054]
+
Sun Jun 8 01:41:19 2008 Tanaka Akira <akr@fsij.org>
* ext/socket/socket.c (s_accept_nonblock): make accepted fd
diff --git a/marshal.c b/marshal.c
index 185ace6..f97b3b8 100644
--- a/marshal.c
+++ b/marshal.c
@@ -468,7 +468,7 @@ w_object(obj, arg, limit)
return;
}
- if (ivtbl = rb_generic_ivar_table(obj)) {
+ if ((ivtbl = rb_generic_ivar_table(obj)) != 0) {
w_byte(TYPE_IVAR, arg);
}
if (obj == Qnil) {
@@ -873,7 +873,7 @@ r_bytes0(len, arg)
if (len == 0) return rb_str_new(0, 0);
if (TYPE(arg->src) == T_STRING) {
- if (RSTRING(arg->src)->len > arg->offset) {
+ if (RSTRING(arg->src)->len - arg->offset >= len) {
str = rb_str_new(RSTRING(arg->src)->ptr+arg->offset, len);
arg->offset += len;
}
diff --git a/test/ruby/test_marshal.rb b/test/ruby/test_marshal.rb
index 9c9fd94..11f3583 100644
--- a/test/ruby/test_marshal.rb
+++ b/test/ruby/test_marshal.rb
@@ -45,4 +45,24 @@ class TestMarshal < Test::Unit::TestCase
assert_equal(a, b)
}
end
+
+ class C
+ def initialize(str)
+ @str = str
+ end
+ def _dump(limit)
+ @str
+ end
+ def self._load(s)
+ new(s)
+ end
+ end
+
+ def test_too_long_string
+ (data = Marshal.dump(C.new("a")))[-2, 1] = "\003\377\377\377"
+ e = assert_raise(ArgumentError, "[ruby-dev:32054]") {
+ Marshal.load(data)
+ }
+ assert_equal("marshal data too short", e.message)
+ end
end
diff --git a/version.h b/version.h
index 505ced9..69edc75 100644
--- a/version.h
+++ b/version.h
@@ -2,7 +2,7 @@
#define RUBY_RELEASE_DATE "2008-06-08"
#define RUBY_VERSION_CODE 186
#define RUBY_RELEASE_CODE 20080608
-#define RUBY_PATCHLEVEL 134
+#define RUBY_PATCHLEVEL 135
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8