diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ext/bigdecimal/bigdecimal.c | 8 |
2 files changed, 9 insertions, 4 deletions
@@ -1,3 +1,8 @@ +Tue Mar 1 13:25:00 2011 Kenta Murata <mrkn@mrkn.jp> + + * ext/bigdecimal/bigdecimal.c (VpMemAlloc): CVE-2011-0188. + Fixes a bug reported by Drew Yao <ayao at apple.com> + Tue Mar 1 10:34:39 2011 NARUSE, Yui <naruse@ruby-lang.org> * string.c (rb_str_byteslice): Add String#byteslice. [ruby-core:35376] diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c index 53fb678d12..83d090280d 100644 --- a/ext/bigdecimal/bigdecimal.c +++ b/ext/bigdecimal/bigdecimal.c @@ -2237,11 +2237,11 @@ static int gnAlloc=0; /* Memory allocation counter */ VP_EXPORT void * VpMemAlloc(size_t mb) { - void *p = xmalloc((unsigned int)mb); - if(!p) { - VpException(VP_EXCEPTION_MEMORY,"failed to allocate memory",1); + void *p = xmalloc(mb); + if (!p) { + VpException(VP_EXCEPTION_MEMORY, "failed to allocate memory", 1); } - memset(p,0,mb); + memset(p, 0, mb); #ifdef BIGDECIMAL_DEBUG gnAlloc++; /* Count allocation call */ #endif /* BIGDECIMAL_DEBUG */ |