From 51f9355bd6b3f81e7fbb3e7675f121ff2a99c530 Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 28 Feb 2007 23:55:34 +0000
Subject: * eval.c (rb_feature_p): fix possible buffer overrun.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@11953 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 4 +++-
 eval.c    | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index caf014806e..26383f8b30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,10 @@
-Thu Mar  1 08:53:05 2007  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+Thu Mar  1 08:55:38 2007  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* eval.c (rb_feature_p): check loading_tbl if the given ext is
 	  empty.  [ruby-dev:30452]
 
+	* eval.c (rb_feature_p): fix possible buffer overrun.
+
 Thu Mar  1 03:30:21 2007  Akinori MUSHA  <knu@iDaemons.org>
 
 	* ext/digest/digest.c (get_digest_base_metadata): Allow inheriting
diff --git a/eval.c b/eval.c
index 6be7fd7b46..598609e8cf 100644
--- a/eval.c
+++ b/eval.c
@@ -6984,7 +6984,7 @@ rb_feature_p(feature, ext, rb)
 
 	    if (ext && *ext) return 0;
 	    buf = ALLOCA_N(char, len + DLEXT_MAXLEN + 1);
-	    strcpy(buf, feature);
+	    MEMCPY(buf, feature, char, len);
 	    for (i = 0; (e = loadable_ext[i]) != 0; i++) {
 		strncpy(buf + len, e, DLEXT_MAXLEN + 1);
 		if (st_lookup(loading_tbl, (st_data_t)buf, 0)) {
-- 
cgit v1.2.3