From 05c631eefd55b1faaaa5b46e31e26945e2d77b1d Mon Sep 17 00:00:00 2001
From: naruse
Date: Wed, 25 May 2016 09:45:22 +0000
Subject: * regparse.c (fetch_token_in_cc): raise error if given octal escaped character is too big. [Bug #12420] [Bug #12423]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55163 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 5 +++++
 regparse.c | 2 +-
 test/ruby/test_regexp.rb | 2 ++
 3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index d06c00c651..a36b9313a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed May 25 18:30:53 2016 NARUSE, Yui
+
+ * regparse.c (fetch_token_in_cc): raise error if given octal escaped
+ character is too big. [Bug #12420] [Bug #12423]
+
 Wed May 25 17:45:15 2016 Kazuki Yamaguchi
 * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.
diff --git a/regparse.c b/regparse.c
index f405f5481b..2924601bc2 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3229,7 +3229,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
 PUNFETCH;
 prev = p;
 num = scan_unsigned_octal_number(&p, end, 3, enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
 if (p == prev) { /* can't read nothing. */
 num = 0; /* but, it's not error */
 }
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index 85e78383b0..66e2802a23 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -439,6 +439,8 @@ class TestRegexp < Test::Unit::TestCase
 assert_equal(arg_encoding_none, Regexp.new("", nil, "N").options)
 assert_raise(RegexpError) { Regexp.new(")(") }
+ assert_raise(RegexpError) { Regexp.new('[\\40000000000') }
+ assert_raise(RegexpError) { Regexp.new('[\\600000000000.') }
 end
 def test_unescape
--
cgit v1.2.3
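Review bot: The new upper bound in `fetch_token_in_cc` covers only octal escapes read inside a character class. If the parser has another path that calls `scan_unsigned_octal_number(&p, end, 3, enc)` for escapes outside a class (none is visible in this patch), it would presumably still accept values up to 0777 and should get the same `0xff < num` check. The bare `0xff` would also benefit from a why-comment, for example `/* three octal digits can reach 0777; reject anything that does not fit in one byte */`. The body of fetch_token_in_cc starts and ends outside the hunk, so how `num` is stored in the token afterwards cannot be confirmed from here.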
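Review bot: Both assertions added to test_regexp.rb use patterns that never close the `[`, so a RegexpError raised for the unterminated class would presumably satisfy them just as well as the new range check. They guard against a crash but do not pin the check itself. Consider also asserting on the error message, or adding a closed-class variant of the same input such as `assert_raise(RegexpError) { Regexp.new('[\\40000000000]') }`, after confirming it fails for the intended reason. A case at the largest accepted octal value would additionally guard the bound against an off-by-one. The enclosing test method starts outside the hunk.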