From 438c4a6fdc5044cdf8f3b43684343a1de0d3efc2 Mon Sep 17 00:00:00 2001
From: knu <knu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 13 Feb 2007 06:21:47 +0000
Subject: * io.c (rb_f_syscall): Fix buffer overflow with syscall   arguments. 
 [ruby-bugs:PR#8541]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@11711 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 5 +++++
 io.c      | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index e47630fdc9..126546946a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Feb 13 02:21:12 2007  Sam Roberts  <sroberts@uniserve.com>
+
+	* io.c (rb_f_syscall): Fix buffer overflow with syscall
+	  arguments.  [ruby-bugs:PR#8541]
+
 Sun Feb 11 07:46:45 2007  Akinori MUSHA  <knu@iDaemons.org>
 
 	* lib/cgi.rb (CGI::QueryExtension::read_multipart): Properly parse
diff --git a/io.c b/io.c
index fa44bf93e1..e98520da36 100644
--- a/io.c
+++ b/io.c
@@ -5046,6 +5046,8 @@ rb_f_syscall(argc, argv)
     rb_secure(2);
     if (argc == 0)
 	rb_raise(rb_eArgError, "too few arguments for syscall");
+    if (argc > sizeof(arg) / sizeof(arg[0]))
+	rb_raise(rb_eArgError, "too many arguments for syscall");
     arg[0] = NUM2LONG(argv[0]); argv++;
     while (items--) {
 	VALUE v = rb_check_string_type(*argv);
-- 
cgit v1.2.3