diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-03-09 04:51:17 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-03-09 04:51:17 +0000 |
commit | 1692e547931a6d6dc9f79ea122878803445644f9 (patch) | |
tree | 490fd927a67a9dfc72cdba8a37c8fb97078723bd /ext/fiddle | |
parent | cb05f199ee303448129a84d07a2ca698890f4c1f (diff) | |
download | ruby-1692e547931a6d6dc9f79ea122878803445644f9.tar.gz |
fiddle/function.c: check argument size
* ext/fiddle/function.c (initialize): check argument number if the
temporary buffer exceeds size_t max.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45300 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/fiddle')
-rw-r--r-- | ext/fiddle/function.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ext/fiddle/function.c b/ext/fiddle/function.c index 56f949ed03..4c297f7751 100644 --- a/ext/fiddle/function.c +++ b/ext/fiddle/function.c @@ -11,6 +11,18 @@ VALUE cFiddleFunction; +#define MAX_ARGS (SIZE_MAX / (sizeof(void *) + sizeof(fiddle_generic)) - 1) + +#define Check_Max_Args(name, len) \ + if ((size_t)(len) < MAX_ARGS) { \ + /* OK */ \ + } \ + else { \ + rb_raise(rb_eTypeError, \ + name" is so large that it can cause integer overflow (%d)", \ + (len)); \ + } + static void deallocate(void *p) { @@ -84,6 +96,7 @@ initialize(int argc, VALUE argv[], VALUE self) if(NIL_P(abi)) abi = INT2NUM(FFI_DEFAULT_ABI); Check_Type(args, T_ARRAY); + Check_Max_Args("args", RARRAY_LENINT(args)); rb_iv_set(self, "@ptr", ptr); rb_iv_set(self, "@args", args); @@ -129,6 +142,7 @@ function_call(int argc, VALUE argv[], VALUE self) types = rb_iv_get(self, "@args"); cPointer = rb_const_get(mFiddle, rb_intern("Pointer")); + Check_Max_Args("number of arguments", argc); if(argc != RARRAY_LENINT(types)) { rb_raise(rb_eArgError, "wrong number of arguments (%d for %d)", argc, RARRAY_LENINT(types)); |