-rw-r--r--ChangeLog4
-rw-r--r--ext/syck/rubyext.c8
2 files changed, 10 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index d269bc529f..43bebc9ca9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Tue Apr 15 23:40:39 2008 Akinori MUSHA <knu@iDaemons.org>
+
+ * ext/syck/rubyext.c (rb_syck_mktime): Avoid buffer overflow.
+
Tue Apr 15 20:32:03 2008 Tanaka Akira <akr@fsij.org>
* re.c (match_inspect): backported from 1.9.
diff --git a/ext/syck/rubyext.c b/ext/syck/rubyext.c
index 078de4f78d..8c4027f26d 100644
--- a/ext/syck/rubyext.c
+++ b/ext/syck/rubyext.c
@@ -268,9 +268,13 @@ rb_syck_mktime(str, len)
{
char padded[] = "000000";
char *end = ptr + 1;
+ char *p = end;
while ( isdigit( *end ) ) end++;
- MEMCPY(padded, ptr + 1, char, end - (ptr + 1));
- usec = strtol(padded, NULL, 10);
+ if (end - p < sizeof(padded)) {
+ MEMCPY(padded, ptr + 1, char, end - (ptr + 1));
+ p = padded;
+ }
+ usec = strtol(p, NULL, 10);
}
else
{
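Review bot: When the fractional part has seven or more digits the new `if` is skipped and `strtol(p, NULL, 10)` parses the raw digit run from the input, so `usec` is no longer a zero-padded microsecond count; it can exceed 999999, or saturate at LONG_MAX for a very long run. Clamping the copy length keeps the overflow fix and keeps the value in range, e.g. `n = end - p; if (n > sizeof(padded) - 1) n = sizeof(padded) - 1;` followed by `MEMCPY(padded, p, char, n);` and an unconditional `usec = strtol(padded, NULL, 10);`. Separately, `isdigit( *end )` is passed a plain `char`, which is undefined for negative values on platforms where `char` is signed; `isdigit( (unsigned char)*end )` avoids that. The body of rb_syck_mktime starts and ends outside the hunk, so whether the scan is also bounded by `len` cannot be confirmed from here.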