diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-09-10 08:05:12 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-09-10 08:05:12 +0000 |
commit | ddf6eb40c725434fec5341e73777a0d59e135287 (patch) | |
tree | a6ae297022915ed0f0419c93f9a9a729687b1117 | |
parent | 6a6362d633b7ef086523dacdd16f132739ad1d75 (diff) | |
download | ruby-ddf6eb40c725434fec5341e73777a0d59e135287.tar.gz |
variable.c: check index overflow
* variable.c (rb_ivar_set), vm_insnhelper.c (vm_setivar): check
instance variable index overflow.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47512 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | variable.c | 1 | ||||
-rw-r--r-- | vm_insnhelper.c | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/variable.c b/variable.c index 0f6fba032d..f2c582c915 100644 --- a/variable.c +++ b/variable.c @@ -1153,6 +1153,7 @@ rb_ivar_set(VALUE obj, ID id, VALUE val) ivar_extended = 0; if (!st_lookup(iv_index_tbl, (st_data_t)id, &index)) { index = iv_index_tbl->num_entries; + if (index >= INT_MAX) rb_raise(rb_eArgError, "too many instance variables"); st_add_direct(iv_index_tbl, (st_data_t)id, index); ivar_extended = 1; } diff --git a/vm_insnhelper.c b/vm_insnhelper.c index c9ec803630..05ed3c62aa 100644 --- a/vm_insnhelper.c +++ b/vm_insnhelper.c @@ -570,8 +570,11 @@ vm_setivar(VALUE obj, ID id, VALUE val, IC ic, rb_call_info_t *ci, int is_attr) ic->ic_value.index = index; ic->ic_serial = RCLASS_SERIAL(klass); } + else if (index >= INT_MAX) { + rb_raise(rb_eArgError, "too many instance variables"); + } else { - ci->aux.index = index + 1; + ci->aux.index = (int)(index + 1); } } /* fall through */ |