diff options
author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-12-20 05:26:08 +0000 |
---|---|---|
committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-12-20 05:26:08 +0000 |
commit | 185efc2c98bd3d19230067ccb408dbd3bf03f982 (patch) | |
tree | a233c4258ad27cda9d4fd0b7157dc43cd4220f31 /strftime.c | |
parent | 0c44fc2bc0b9bcac022effce53f7fcb7f1bb5af2 (diff) | |
download | ruby-185efc2c98bd3d19230067ccb408dbd3bf03f982.tar.gz |
array.c: check array length every time after yielding
Since the Array may be modified during rb_yield(), the length before
invoking the block can't be trusted. Fix possible out-of-bounds read in
Array#combination and Array#repeated_combination.
It may better to make a defensive copy of the Array, but for now let's
follow what Array#permutation does. [ruby-core:78738] [Bug #13052]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57119 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'strftime.c')
0 files changed, 0 insertions, 0 deletions