summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authornobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-08-05 11:00:18 +0000
committernobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-08-05 11:00:18 +0000
commitb80ddbf461a9a215513d6bbd78bab7185a927a31 (patch)
treee2427c009dd63a9b8deab45d7d8dd8b9572101b7
parent50b50499210bb52d1bbae6b65009f058426d2d1a (diff)
* string.c (rb_str_set_len): bail out when buffer overflowed
probably. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog5
-rw-r--r--string.c5
2 files changed, 10 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 2ef06c2..2a564b2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Thu Aug 5 19:59:55 2010 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * string.c (rb_str_set_len): bail out when buffer overflowed
+ probably.
+
Thu Aug 5 19:51:21 2010 Nobuyoshi Nakada <nobu@ruby-lang.org>
* compile.c (iseq_compile_each): drop unused ARGSCAT results.
diff --git a/string.c b/string.c
index cb371c2..0aa2e6c 100644
--- a/string.c
+++ b/string.c
@@ -1693,10 +1693,15 @@ rb_str_unlocktmp(VALUE str)
void
rb_str_set_len(VALUE str, long len)
{
+ long capa;
+
str_modifiable(str);
if (STR_SHARED_P(str)) {
rb_raise(rb_eRuntimeError, "can't set length of shared string");
}
+ if (len > (capa = (long)rb_str_capacity(str))) {
+ rb_bug("probable buffer overflow: %ld for %ld", len, capa);
+ }
STR_SET_LEN(str, len);
RSTRING_PTR(str)[len] = '\0';
}