diff options
| author | mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-03-01 04:40:49 +0000 |
|---|---|---|
| committer | mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-03-01 04:40:49 +0000 |
| commit | f83651ac30c7c776dee8a6a401c654757cb8d1c2 (patch) | |
| tree | 6b20bbd9e976fd30dc44180f72c5c3ee3d9a7f8d | |
| parent | d301b4d80bfdab57a9e8250b124d1de0ea0d1b62 (diff) | |
| download | ruby-f83651ac30c7c776dee8a6a401c654757cb8d1c2.tar.gz | |
* ext/bigdecimal/bigdecimal.c (VpMemAlloc): CVE-2011-0188.
Fixes a bug reported by Drew Yao <ayao at apple.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30993 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ext/bigdecimal/bigdecimal.c | 8 |
2 files changed, 9 insertions, 4 deletions
@@ -1,3 +1,8 @@ +Tue Mar 1 13:25:00 2011 Kenta Murata <mrkn@mrkn.jp> + + * ext/bigdecimal/bigdecimal.c (VpMemAlloc): CVE-2011-0188. + Fixes a bug reported by Drew Yao <ayao at apple.com> + Tue Mar 1 10:34:39 2011 NARUSE, Yui <naruse@ruby-lang.org> * string.c (rb_str_byteslice): Add String#byteslice. [ruby-core:35376] diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c index 53fb678d12..83d090280d 100644 --- a/ext/bigdecimal/bigdecimal.c +++ b/ext/bigdecimal/bigdecimal.c @@ -2237,11 +2237,11 @@ static int gnAlloc=0; /* Memory allocation counter */ VP_EXPORT void * VpMemAlloc(size_t mb) { - void *p = xmalloc((unsigned int)mb); - if(!p) { - VpException(VP_EXCEPTION_MEMORY,"failed to allocate memory",1); + void *p = xmalloc(mb); + if (!p) { + VpException(VP_EXCEPTION_MEMORY, "failed to allocate memory", 1); } - memset(p,0,mb); + memset(p, 0, mb); #ifdef BIGDECIMAL_DEBUG gnAlloc++; /* Count allocation call */ #endif /* BIGDECIMAL_DEBUG */ |