diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | string.c | 2 | ||||
-rw-r--r-- | version.h | 2 |
3 files changed, 7 insertions, 2 deletions
@@ -1,3 +1,8 @@ +Fri Sep 7 14:32:38 2007 Yukihiro Matsumoto <matz@ruby-lang.org> + + * string.c (rb_str_splice): integer overflow for length. + [ruby-dev:31739] + Fri Sep 7 14:27:33 2007 Yukihiro Matsumoto <matz@ruby-lang.org> * eval.c (mnew): should preserve noex as safe_level. @@ -1644,7 +1644,7 @@ rb_str_splice(str, beg, len, val) } beg += RSTRING(str)->len; } - if (RSTRING(str)->len < beg + len) { + if (RSTRING(str)->len < len || RSTRING(str)->len < beg + len) { len = RSTRING(str)->len - beg; } @@ -2,7 +2,7 @@ #define RUBY_RELEASE_DATE "2007-09-07" #define RUBY_VERSION_CODE 185 #define RUBY_RELEASE_CODE 20070907 -#define RUBY_PATCHLEVEL 105 +#define RUBY_PATCHLEVEL 106 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 |