diff options
| author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-08-28 06:53:47 +0000 |
|---|---|---|
| committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-08-28 06:53:47 +0000 |
| commit | 0d530b2392585cc535fb905f9ba4467257ef289c (patch) | |
| tree | f1ab0d52fda34d6b6d3c479567b5e52b1a738f5d /ext/date | |
| parent | 650c122fd71ef2beb3a7465d453ced925bb4ca88 (diff) | |
* ext/date/date_parse.c (date_zone_to_diff): keep a temporary string
stored in variable while the contents buffer is beeing used.
* ext/date/date_parse.c (date_zone_to_diff): get rid of out of bounds
memory read.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33106 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/date')
| -rw-r--r-- | ext/date/date_parse.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ext/date/date_parse.c b/ext/date/date_parse.c index 1214f39781..597c25ac55 100644 --- a/ext/date/date_parse.c +++ b/ext/date/date_parse.c @@ -392,10 +392,10 @@ date_zone_to_diff(VALUE str) dl = RSTRING_LEN(str) - (sizeof DST - 1); ds = RSTRING_PTR(str) + dl; - if (strcmp(ss, STD) == 0) { + if (sl >= 0 && strcmp(ss, STD) == 0) { str = rb_str_new(RSTRING_PTR(str), sl); } - else if (strcmp(ds, DST) == 0) { + else if (dl >= 0 && strcmp(ds, DST) == 0) { str = rb_str_new(RSTRING_PTR(str), dl); dst = 1; } @@ -409,7 +409,7 @@ date_zone_to_diff(VALUE str) dl = RSTRING_LEN(str) - (sizeof DST - 1); ds = RSTRING_PTR(str) + dl; - if (strcmp(ds, DST) == 0) { + if (dl >= 0 && strcmp(ds, DST) == 0) { str = rb_str_new(RSTRING_PTR(str), dl); dst = 1; } @@ -441,8 +441,10 @@ date_zone_to_diff(VALUE str) char *s, *p; VALUE sign; VALUE hour = Qnil, min = Qnil, sec = Qnil; + VALUE str_orig; s = RSTRING_PTR(str); + str_orig = str; if (strncmp(s, "gmt", 3) == 0 || strncmp(s, "utc", 3) == 0) @@ -467,6 +469,7 @@ date_zone_to_diff(VALUE str) } else min = rb_str_new2(s); + RB_GC_GUARD(str_orig); goto num; } if (strpbrk(RSTRING_PTR(str), ",.")) { |