From f69aeb83146be640995753667fdd6c6f157527f5 Mon Sep 17 00:00:00 2001 From: NAKAMURA Usaku Date: Wed, 24 Nov 2021 20:21:17 +0900 Subject: merge some parts of CGI 0.1.1 Fix integer overflow Make use of the check in rb_alloc_tmp_buffer2. When parsing cookies, only decode the values Bump version --- ext/cgi/escape/escape.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ext/cgi') diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c index 47188819cd..feedea34c8 100644 --- a/ext/cgi/escape/escape.c +++ b/ext/cgi/escape/escape.c @@ -36,7 +36,8 @@ static VALUE optimized_escape_html(VALUE str) { VALUE vbuf; - char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN); + typedef char escape_buf[HTML_ESCAPE_MAX_LEN]; + char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str)); const char *cstr = RSTRING_PTR(str); const char *end = cstr + RSTRING_LEN(str); -- cgit v1.2.3