diff options
author | Yusuke Endoh <mame@ruby-lang.org> | 2022-10-25 15:45:40 +0900 |
---|---|---|
committer | Yusuke Endoh <mame@ruby-lang.org> | 2022-10-25 17:02:43 +0900 |
commit | 1d2d25dcadda0764f303183ac091d0c87b432566 (patch) | |
tree | b9e42a7d3aa1b036b646883825d7a6e26fbe8a5c /lib/erb | |
parent | 114e71d06280f9c57b9859ee4405ae89a989ddb6 (diff) | |
download | ruby-1d2d25dcadda0764f303183ac091d0c87b432566.tar.gz |
Prevent potential buffer overrun in onigmo
A code pattern `p + enclen(enc, p, pend)` may lead to a buffer overrun
if incomplete bytes of a UTF-8 character is placed at the end of a
string. Because this pattern is used in several places in onigmo,
this change fixes the issue in the side of `enclen`: the function should
not return a number that is larger than `pend - p`.
Co-Authored-By: Nobuyoshi Nakada <nobu@ruby-lang.org>
Diffstat (limited to 'lib/erb')
0 files changed, 0 insertions, 0 deletions