diff options
| author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-06-07 23:37:55 +0000 |
|---|---|---|
| committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-06-07 23:37:55 +0000 |
| commit | 9f215f197bdefdade9aaadfd1f91eb8c468a0343 (patch) | |
| tree | f24546c956133255415ad1e55f47777c974f9758 /ChangeLog | |
| parent | 64e8148bee713ac155d7f2f4afbc6cbdf535a2aa (diff) | |
merge revision(s) 23610:23613:
* ext/bigdecimal/bigdecimal.c (VpAlloc): avoid ALLOCA_N() to avoid
segmentation fault caused by (insanely) long decimal values.
backported from 1.9.
* ext/bigdecimal/bigdecimal.c (BigDecimal_dump, BigDecimal_to_i,
BigDecimal_to_f, BigDecimal_to_s, BigDecimal_split,
BigDecimal_inspect): ditto.
* ext/bigdecimal/bigdecimal.c (BigDecimal_to_f): returns Inf if
exp is bigger than DBL_MANT_DIG.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@23645 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -1,3 +1,18 @@ +Mon Jun 8 08:15:36 2009 Yukihiro Matsumoto <matz@ruby-lang.org> + + * ext/bigdecimal/bigdecimal.c (VpAlloc): avoid ALLOCA_N() to avoid + segmentation fault caused by (insanely) long decimal values. + backported from 1.9. CVE-2009-1904 + + * ext/bigdecimal/bigdecimal.c (BigDecimal_dump, BigDecimal_to_i, + BigDecimal_to_f, BigDecimal_to_s, BigDecimal_split, + BigDecimal_inspect): ditto. + +Mon Jun 8 08:15:36 2009 Yukihiro Matsumoto <matz@ruby-lang.org> + + * ext/bigdecimal/bigdecimal.c (BigDecimal_to_f): returns Inf if + exp is bigger than DBL_MANT_DIG. + Wed Jun 3 21:16:30 2009 Tanaka Akira <akr@fsij.org> * file.c: include fcntl.h for O_RDONLY on Solaris. |