merge revision(s) 55163,55165: [Backport #12420] [Backport #12423]

* regparse.c (fetch_token_in_cc): raise error if given octal escaped character is too big. [Bug #12420] [Bug #12423] * re.c (unescape_nonascii): scan hex up to only 3 characters. [Bug #12420] [Bug #12423] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@55363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-06-10 08:45:34 +0000
committer: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-06-10 08:45:34 +0000
commit: 1a7e21943307a21cc3a70237a85ff7205d6dcd53 (patch)
tree: ca0f745ebfca1aa3c6f3e9c008f53eb5def2ac68 /regparse.c
parent: a05bfd49410bedb5812f8f4e4c27eb1bcd15211e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/regparse.c b/regparse.c
index 094332f90e..cc48945c3c 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3222,7 +3222,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
 	PUNFETCH;
 	prev = p;
 	num = scan_unsigned_octal_number(&p, end, 3, enc);
-	if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+	if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
 	if (p == prev) {  /* can't read nothing. */
 	  num = 0; /* but, it's not error */
 	}
author	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-06-10 08:45:34 +0000
committer	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-06-10 08:45:34 +0000
commit	1a7e21943307a21cc3a70237a85ff7205d6dcd53 (patch)
tree	ca0f745ebfca1aa3c6f3e9c008f53eb5def2ac68 /regparse.c
parent	a05bfd49410bedb5812f8f4e4c27eb1bcd15211e (diff)