diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-10-15 00:58:09 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-10-15 00:58:09 +0000 |
commit | 14264f5f622f7a2b7688edfdcfad0aa6d8db155d (patch) | |
tree | 223b96f857250ab69187ff081f63b1d596bae98d | |
parent | 297d2e05cbb0ff8314cf9f595ba8916ef23b0ad3 (diff) | |
download | ruby-14264f5f622f7a2b7688edfdcfad0aa6d8db155d.tar.gz |
* marshal.c (r_bytes0): check if source has enough data.
[ruby-dev:32054]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@13700 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | marshal.c | 2 | ||||
-rw-r--r-- | test/ruby/test_marshal.rb | 20 | ||||
-rw-r--r-- | version.h | 6 |
4 files changed, 29 insertions, 4 deletions
@@ -1,3 +1,8 @@ +Mon Oct 15 09:58:07 2007 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * marshal.c (r_bytes0): check if source has enough data. + [ruby-dev:32054] + Mon Oct 15 01:15:09 2007 Tanaka Akira <akr@fsij.org> * ext/socket/socket.c (s_accept_nonblock): make accepted fd @@ -929,7 +929,7 @@ r_bytes0(long len, struct load_arg *arg) if (len == 0) return rb_str_new(0, 0); if (TYPE(arg->src) == T_STRING) { - if (RSTRING_LEN(arg->src) > arg->offset) { + if (RSTRING_LEN(arg->src) > arg->offset + len) { str = rb_str_new(RSTRING_PTR(arg->src)+arg->offset, len); arg->offset += len; } diff --git a/test/ruby/test_marshal.rb b/test/ruby/test_marshal.rb index d438ef4d85..049db1221e 100644 --- a/test/ruby/test_marshal.rb +++ b/test/ruby/test_marshal.rb @@ -52,4 +52,24 @@ class TestMarshal < Test::Unit::TestCase TestMarshal::StructInvalidMembers.members } end + + class C + def initialize(str) + @str = str + end + def _dump(limit) + @str + end + def self._load(s) + new(s) + end + end + + def test_too_long_string + (data = Marshal.dump(C.new("a")))[-2, 1] = "\003\377\377\377" + e = assert_raise(ArgumentError, "[ruby-dev:32054]") { + Marshal.load(data) + } + assert_equal("marshal data too short", e.message) + end end @@ -1,7 +1,7 @@ #define RUBY_VERSION "1.9.0" -#define RUBY_RELEASE_DATE "2007-10-14" +#define RUBY_RELEASE_DATE "2007-10-15" #define RUBY_VERSION_CODE 190 -#define RUBY_RELEASE_CODE 20071014 +#define RUBY_RELEASE_CODE 20071015 #define RUBY_PATCHLEVEL 0 #define RUBY_VERSION_MAJOR 1 @@ -9,7 +9,7 @@ #define RUBY_VERSION_TEENY 0 #define RUBY_RELEASE_YEAR 2007 #define RUBY_RELEASE_MONTH 10 -#define RUBY_RELEASE_DAY 14 +#define RUBY_RELEASE_DAY 15 #ifdef RUBY_EXTERN RUBY_EXTERN const char ruby_version[]; |