diff options
author | 卜部昌平 <shyouhei@ruby-lang.org> | 2019-10-08 16:07:31 +0900 |
---|---|---|
committer | 卜部昌平 <shyouhei@ruby-lang.org> | 2019-10-09 12:12:28 +0900 |
commit | a14cc07f2ffc704b73ba4b96543e2f85c3ed1921 (patch) | |
tree | 5a1401287127827345cfe080ec98bb715ca2fab5 /man | |
parent | 7e0ae1698d4db0baec858a46de8d1ae875360cf5 (diff) | |
download | ruby-a14cc07f2ffc704b73ba4b96543e2f85c3ed1921.tar.gz |
avoid returning NULL from xrealloc
This changeset is to kill future possibility of bugs similar to
CVE-2019-11932. The vulnerability occurs when reallocarray(3)
(which is a variant of realloc(3) and roughly resembles our
ruby_xmalloc2()) returns NULL. In our C API, ruby_xmalloc()
never returns NULL to raise NoMemoryError instead. ruby_xfree()
does not return NULL by definition. ruby_xrealloc() on the other
hand, _did_ return NULL, _and_ also raised sometimes. It is very
confusing. Let's not do that. x-series APIs shall raise on
error and shall not return NULL.
Diffstat (limited to 'man')
0 files changed, 0 insertions, 0 deletions