diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | string.c | 5 |
2 files changed, 10 insertions, 0 deletions
@@ -1,3 +1,8 @@ +Thu Aug 5 19:59:55 2010 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * string.c (rb_str_set_len): bail out when buffer overflowed + probably. + Thu Aug 5 19:51:21 2010 Nobuyoshi Nakada <nobu@ruby-lang.org> * compile.c (iseq_compile_each): drop unused ARGSCAT results. @@ -1693,10 +1693,15 @@ rb_str_unlocktmp(VALUE str) void rb_str_set_len(VALUE str, long len) { + long capa; + str_modifiable(str); if (STR_SHARED_P(str)) { rb_raise(rb_eRuntimeError, "can't set length of shared string"); } + if (len > (capa = (long)rb_str_capacity(str))) { + rb_bug("probable buffer overflow: %ld for %ld", len, capa); + } STR_SET_LEN(str, len); RSTRING_PTR(str)[len] = '\0'; } |