* string.c (RESIZE_CAPA): check string attribute before modifying

  capacity member of string structure.  [ruby-dev:24594]

* ext/zlib/zlib.c (gzreader_gets): use memchr() to to gain
  performance.  [ruby-talk:117701]

* sprintf.c (rb_f_sprintf): raise ArgumentError for extra
  arguments, unless (digit)$ style used.

* ext/zlib/zlib.c (gzreader_gets): use memchr() to to gain
  performance.  [ruby-talk:117701]

* sprintf.c (rb_f_sprintf): raise ArgumentError for extra
  arguments, unless (digit)$ style used.

* eval.c (frame_free): Guy Decoux solved the leak problem.
  Thanks.  [ruby-core:03549]

* ext/zlib/zlib.c (zstream_append_input): clear klass for z->input
  to avoid potential vulnerability.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7119 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 1 insertions, 3 deletions

diff --git a/sprintf.c b/sprintf.c
index 98db29ea6c..38283919e6 100644
--- a/sprintf.c
+++ b/sprintf.c
@@ -770,14 +770,12 @@ rb_f_sprintf(argc, argv)
     }
 
   sprint_exit:
-#if 0
     /* XXX - We cannot validiate the number of arguments because
      *       the format string may contain `n$'-style argument selector.
      */
-    if (RTEST(ruby_verbose) && nextarg < argc) {
+    if (RTEST(ruby_verbose) && posarg >= 0 && nextarg < argc) {
 	rb_raise(rb_eArgError, "too many arguments for format string");
     }
-#endif
     rb_str_resize(result, blen);
 
     if (tainted) OBJ_TAINT(result);