diff options
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | ext/date/date_parse.c | 9 |
2 files changed, 14 insertions, 3 deletions
@@ -1,3 +1,11 @@ +Sun Aug 28 15:38:17 2011 CHIKANAGA Tomoyuki <nagachika00@gmail.com> + + * ext/date/date_parse.c (date_zone_to_diff): keep a temporary string + stored in variable while the contents buffer is beeing used. + + * ext/date/date_parse.c (date_zone_to_diff): get rid of out of bounds + memory read. [ruby-dev:44409] [Bug #5213] + Sun Aug 28 05:29:50 2011 Ryan Davis <ryand-ruby@zenspider.com> * lib/minitest/*: Imported minitest 2.5.1 (r6596) diff --git a/ext/date/date_parse.c b/ext/date/date_parse.c index 1214f39781..597c25ac55 100644 --- a/ext/date/date_parse.c +++ b/ext/date/date_parse.c @@ -392,10 +392,10 @@ date_zone_to_diff(VALUE str) dl = RSTRING_LEN(str) - (sizeof DST - 1); ds = RSTRING_PTR(str) + dl; - if (strcmp(ss, STD) == 0) { + if (sl >= 0 && strcmp(ss, STD) == 0) { str = rb_str_new(RSTRING_PTR(str), sl); } - else if (strcmp(ds, DST) == 0) { + else if (dl >= 0 && strcmp(ds, DST) == 0) { str = rb_str_new(RSTRING_PTR(str), dl); dst = 1; } @@ -409,7 +409,7 @@ date_zone_to_diff(VALUE str) dl = RSTRING_LEN(str) - (sizeof DST - 1); ds = RSTRING_PTR(str) + dl; - if (strcmp(ds, DST) == 0) { + if (dl >= 0 && strcmp(ds, DST) == 0) { str = rb_str_new(RSTRING_PTR(str), dl); dst = 1; } @@ -441,8 +441,10 @@ date_zone_to_diff(VALUE str) char *s, *p; VALUE sign; VALUE hour = Qnil, min = Qnil, sec = Qnil; + VALUE str_orig; s = RSTRING_PTR(str); + str_orig = str; if (strncmp(s, "gmt", 3) == 0 || strncmp(s, "utc", 3) == 0) @@ -467,6 +469,7 @@ date_zone_to_diff(VALUE str) } else min = rb_str_new2(s); + RB_GC_GUARD(str_orig); goto num; } if (strpbrk(RSTRING_PTR(str), ",.")) { |