From 05c631eefd55b1faaaa5b46e31e26945e2d77b1d Mon Sep 17 00:00:00 2001
From: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 25 May 2016 09:45:22 +0000
Subject: * regparse.c (fetch_token_in_cc): raise error if given octal escaped 
  character is too big. [Bug #12420] [Bug #12423]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55163 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 regparse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'regparse.c')

diff --git a/regparse.c b/regparse.c
index f405f5481b..2924601bc2 100644
--- a/regparse.c
+++ b/regparse.c
@@ -3229,7 +3229,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
 	PUNFETCH;
 	prev = p;
 	num = scan_unsigned_octal_number(&p, end, 3, enc);
-	if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+	if (num < 0 || 0xff < num) return ONIGERR_TOO_BIG_NUMBER;
 	if (p == prev) {  /* can't read nothing. */
 	  num = 0; /* but, it's not error */
 	}
-- 
cgit v1.2.3