2 files changed, 13 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index 0072fb38ad..d21c95bde1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sun Jun  6 22:37:11 2010  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* string.c (rb_str_buf_cat_escaped_char): get rid of buffer
+	  overflow on platforms int is bigger than 32bit, and warnings.
+
 Sun Jun  6 10:44:34 2010  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* array.c (rb_ary_product): need to set the length in order to get
@@ -32,7 +37,7 @@ Sat Jun  5 23:15:42 2010  NARUSE, Yui  <naruse@ruby-lang.org>
 	* re.c (rb_reg_expr_str): use rb_str_buf_cat_escaped_char
 	  when resenc is given: for Regexp#inspect or error message.
 
-	  * re.c (rb_reg_desc): add 'n' for ENCODING_NONE.
+	* re.c (rb_reg_desc): add 'n' for ENCODING_NONE.
 
 Sat Jun  5 23:15:42 2010  NARUSE, Yui  <naruse@ruby-lang.org>
 
diff --git a/string.c b/string.c
index a642d309fa..703797f798 100644
--- a/string.c
+++ b/string.c
@@ -4081,9 +4081,14 @@ str_cat_char(VALUE str, unsigned int c, rb_encoding *enc)
 #define CHAR_ESC_LEN 13 /* sizeof(\x{ hex of 32bit unsigned int } \0) */
 
 int
-rb_str_buf_cat_escaped_char(VALUE result, unsigned int c, int unicode_p) {
+rb_str_buf_cat_escaped_char(VALUE result, unsigned int c, int unicode_p)
+{
     char buf[CHAR_ESC_LEN + 1];
     int l;
+
+#if SIZEOF_INT > 4
+    c &= 0xffffffff;
+#endif
     if (unicode_p) {
 	if (c < 0x7F && ISPRINT(c)) {
 	    snprintf(buf, CHAR_ESC_LEN, "%c", c);
@@ -4103,7 +4108,7 @@ rb_str_buf_cat_escaped_char(VALUE result, unsigned int c, int unicode_p) {
 	    snprintf(buf, CHAR_ESC_LEN, "\\x{%X}", c);
 	}
     }
-    l = strlen(buf);
+    l = (int)strlen(buf);	/* CHAR_ESC_LEN cannot exceed INT_MAX */
     rb_str_buf_cat(result, buf, l);
     return l;
 }