* ext/syck/rubyext.c (rb_syck_mktime): Avoid buffer overflow.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@16044 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: knu <knu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-04-15 14:42:44 +0000
committer: knu <knu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-04-15 14:42:44 +0000
commit: 65e137a74c1a6c1dddac44ca6f9d569828fb38d8 (patch)
tree: d573952317a692f96d00205c0ee660783b9f94ff /ext
parent: 425bd14e235c10fb3c85c6ff47ff671b891fe7dc (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ext/syck/rubyext.c b/ext/syck/rubyext.c
index 078de4f78d..8c4027f26d 100644
--- a/ext/syck/rubyext.c
+++ b/ext/syck/rubyext.c
@@ -268,9 +268,13 @@ rb_syck_mktime(str, len)
     {
         char padded[] = "000000";
         char *end = ptr + 1;
+        char *p = end;
         while ( isdigit( *end ) ) end++;
-        MEMCPY(padded, ptr + 1, char, end - (ptr + 1));
-        usec = strtol(padded, NULL, 10);
+        if (end - p < sizeof(padded)) {
+            MEMCPY(padded, ptr + 1, char, end - (ptr + 1));
+            p = padded;
+        }
+        usec = strtol(p, NULL, 10);
     }
     else
     {
author	knu <knu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-04-15 14:42:44 +0000
committer	knu <knu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-04-15 14:42:44 +0000
commit	65e137a74c1a6c1dddac44ca6f9d569828fb38d8 (patch)
tree	d573952317a692f96d00205c0ee660783b9f94ff /ext
parent	425bd14e235c10fb3c85c6ff47ff671b891fe7dc (diff)