diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-13 09:45:12 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-13 09:45:12 +0000 |
commit | ce6f0e36a3107e4d78f8b508581cebbc9c8dd0f7 (patch) | |
tree | 0321d1c37efcd794c0f60a77886f72f32046bb34 /io.c | |
parent | bcc2421b4938fc1d9f5f3fb6ef2320571b27af42 (diff) | |
download | ruby-ce6f0e36a3107e4d78f8b508581cebbc9c8dd0f7.tar.gz |
io.c: fix stack smashing
* io.c (parse_mode_enc): fix buffer overflow.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53083 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'io.c')
-rw-r--r-- | io.c | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -5090,9 +5090,11 @@ parse_mode_enc(const char *estr, rb_encoding **enc_p, rb_encoding **enc2_p, int fmode |= FMODE_SETENC_BY_BOM; estr += 4; len -= 4; - memcpy(encname, estr, len); - encname[len] = '\0'; - estr = encname; + if (len > 0 && len <= ENCODING_MAXNAMELEN) { + memcpy(encname, estr, len); + encname[len] = '\0'; + estr = encname; + } } idx = rb_enc_find_index(estr); } |