summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog10
-rw-r--r--re.c4
-rw-r--r--regparse.c2
-rw-r--r--test/ruby/test_regexp.rb2
-rw-r--r--version.h6
5 files changed, 18 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index ffe0d0c457..b96cacae4d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Mon Jun 20 02:25:44 2016 NARUSE, Yui <naruse@ruby-lang.org>
+
+ * re.c (unescape_nonascii): scan hex up to only 3 characters.
+ [Bug #12420] [Bug #12423]
+
+Mon Jun 20 02:25:44 2016 NARUSE, Yui <naruse@ruby-lang.org>
+
+ * regparse.c (fetch_token_in_cc): raise error if given octal escaped
+ character is too big. [Bug #12420] [Bug #12423]
+
Sun Jun 19 04:29:13 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>
* include/ruby/missing.h (isfinite): move from numeric.c.
diff --git a/re.c b/re.c
index 147f91ccf0..c1cf3d8762 100644
--- a/re.c
+++ b/re.c
@@ -2306,8 +2306,8 @@ unescape_nonascii(const char *p, const char *end, rb_encoding *enc,
case '1': case '2': case '3':
case '4': case '5': case '6': case '7': /* \O, \OO, \OOO or backref */
{
- size_t octlen;
- if (ruby_scan_oct(p-1, end-(p-1), &octlen) <= 0177) {
+ size_t len = end-(p-1), octlen;
+ if (ruby_scan_oct(p-1, len < 3 ? len : 3, &octlen) <= 0177) {
/* backref or 7bit octal.
no need to unescape anyway.
re-escaping may break backref */
diff --git a/regparse.c b/regparse.c
index 094332f90e..cc48945c3c 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3222,7 +3222,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
PUNFETCH;
prev = p;
num = scan_unsigned_octal_number(&p, end, 3, enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
if (p == prev) { /* can't read nothing. */
num = 0; /* but, it's not error */
}
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index db6e8a3b81..dce5792954 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -389,6 +389,8 @@ class TestRegexp < Test::Unit::TestCase
assert_equal(arg_encoding_none, Regexp.new("", nil, "N").options)
assert_raise(RegexpError) { Regexp.new(")(") }
+ assert_raise(RegexpError) { Regexp.new('[\\40000000000') }
+ assert_raise(RegexpError) { Regexp.new('[\\600000000000.') }
end
def test_unescape
diff --git a/version.h b/version.h
index 3e90bd91ce..93f4c65374 100644
--- a/version.h
+++ b/version.h
@@ -1,10 +1,10 @@
#define RUBY_VERSION "2.3.2"
-#define RUBY_RELEASE_DATE "2016-06-19"
-#define RUBY_PATCHLEVEL 133
+#define RUBY_RELEASE_DATE "2016-06-20"
+#define RUBY_PATCHLEVEL 134
#define RUBY_RELEASE_YEAR 2016
#define RUBY_RELEASE_MONTH 6
-#define RUBY_RELEASE_DAY 19
+#define RUBY_RELEASE_DAY 20
#include "ruby/version.h"
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 15:56:59 +0000