summaryrefslogtreecommitdiff
path: root/ext
diff options
context:
space:
mode:
authorNAKAMURA Usaku <usa@ruby-lang.org>2021-11-24 20:21:17 +0900
committerNAKAMURA Usaku <usa@ruby-lang.org>2021-11-24 20:21:17 +0900
commitf69aeb83146be640995753667fdd6c6f157527f5 (patch)
treec1c61407f77b0f3ef859d3d46b77bdb5e361a549 /ext
parentb1985629565c3c54b1a64d6faf213e8144857515 (diff)
merge some parts of CGI 0.1.1v2_7_5
Fix integer overflow Make use of the check in rb_alloc_tmp_buffer2. When parsing cookies, only decode the values Bump version
Diffstat (limited to 'ext')
-rw-r--r--ext/cgi/escape/escape.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c
index 47188819cd..feedea34c8 100644
--- a/ext/cgi/escape/escape.c
+++ b/ext/cgi/escape/escape.c
@@ -36,7 +36,8 @@ static VALUE
optimized_escape_html(VALUE str)
{
VALUE vbuf;
- char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
+ typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
+ char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
const char *cstr = RSTRING_PTR(str);
const char *end = cstr + RSTRING_LEN(str);