-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | re.c | 4 | ||||
-rw-r--r-- | regparse.c | 2 | ||||
-rw-r--r-- | test/ruby/test_regexp.rb | 2 | ||||
-rw-r--r-- | version.h | 2 |
5 files changed, 16 insertions, 4 deletions
@@ -1,3 +1,13 @@
+Fri Jun 10 17:44:59 2016 NARUSE, Yui <naruse@ruby-lang.org>
+
+ * re.c (unescape_nonascii): scan hex up to only 3 characters.
+ [Bug #12420] [Bug #12423]
+
+Fri Jun 10 17:44:59 2016 NARUSE, Yui <naruse@ruby-lang.org>
+
+ * regparse.c (fetch_token_in_cc): raise error if given octal escaped
+ character is too big. [Bug #12420] [Bug #12423]
+
 Fri Jun 10 17:34:09 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>

 * process.c (rb_exec_getargs): honor the expected argument types
@@ -2309,8 +2309,8 @@ unescape_nonascii(const char *p, const char *end, rb_encoding *enc,
 case '1': case '2': case '3':
 case '4': case '5': case '6': case '7': /* \O, \OO, \OOO or backref */
 {
- size_t octlen;
- if (ruby_scan_oct(p-1, end-(p-1), &octlen) <= 0177) {
+ size_t len = end-(p-1), octlen;
+ if (ruby_scan_oct(p-1, len < 3 ? len : 3, &octlen) <= 0177) {
 /* backref or 7bit octal.
 no need to unescape anyway.
 re-escaping may break backref */
diff --git a/regparse.c b/regparse.c
index 094332f90e..cc48945c3c 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3222,7 +3222,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
 PUNFETCH;
 prev = p;
 num = scan_unsigned_octal_number(&p, end, 3, enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
 if (p == prev) { /* can't read nothing. */
 num = 0; /* but, it's not error */
 }
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index cc1444c924..321a1989c2 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -388,6 +388,8 @@ class TestRegexp < Test::Unit::TestCase
 assert_equal(arg_encoding_none, Regexp.new("", nil, "N").options)

 assert_raise(RegexpError) { Regexp.new(")(") }
+ assert_raise(RegexpError) { Regexp.new('[\\40000000000') }
+ assert_raise(RegexpError) { Regexp.new('[\\600000000000.') }
 end

 def test_unescape
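Review bot: The `3` passed to ruby_scan_oct in the new `len < 3 ? len : 3` is a bare literal with no explanation, so a reader cannot tell that it mirrors the `\OOO` maximum named in the case comment, or that it apparently exists to stop a long digit run from being folded into one number before the `<= 0177` test. A comment above the call would record that, e.g. `/* scan at most 3 digits (\OOO); a longer digit run must not be read as one value */`. The ChangeLog entry for this hunk says "scan hex" although the code scans octal. unescape_nonascii starts and ends outside the hunk, so what happens to values above 0177 is not visible here.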
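Review bot: The new `0xff < num` bound in fetch_token_in_cc carries no comment saying why an octal escape is limited to one byte, even though the three-digit scan on the line above can still return values up to 0777, which this check now rejects with ONIGERR_TOO_BIG_NUMBER. A short comment on that line would state the intent, e.g. `/* an octal escape denotes a single raw byte; reject anything above 0xff */`. If the token path outside character classes has its own scan_unsigned_octal_number call (not visible in this hunk), it presumably needs the same guard and should be checked. The function body continues outside the hunk.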
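Review bot: Both added patterns leave the character class unclosed (`'[\\40000000000'`, `'[\\600000000000.'`), so a RegexpError raised for the missing `]` alone would satisfy these assertions. They guard against a crash or silent misparse, but may not pin the new octal bound itself. A closed-class variant beside them would separate the two causes; whether it raises depends on how re.c rewrites the escape first, so verify it before adding. A comment such as `# regression inputs from [Bug #12420] and [Bug #12423]` would also tell a reader why these literals are here. The enclosing test method starts outside the hunk.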
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.2.6"
 #define RUBY_RELEASE_DATE "2016-06-10"
-#define RUBY_PATCHLEVEL 336
+#define RUBY_PATCHLEVEL 337

 #define RUBY_RELEASE_YEAR 2016
 #define RUBY_RELEASE_MONTH 6 |