From 58e8c9c895cc21473d6e46978666016a6e627d5f Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 14 Jun 2016 13:07:27 +0000
Subject: date_strftime.c: check precision

* ext/date/date_strftime.c (date_strftime_with_tmx): reject too
  large precision to get rid of buffer overflow.
  reported by Guido Vranken <guido AT guidovranken.nl>.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55410 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 test/date/test_date_strftime.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'test/date/test_date_strftime.rb')

diff --git a/test/date/test_date_strftime.rb b/test/date/test_date_strftime.rb
index 7472a4323d..1c0f9b11b4 100644
--- a/test/date/test_date_strftime.rb
+++ b/test/date/test_date_strftime.rb
@@ -420,4 +420,12 @@ class TestDateStrftime < Test::Unit::TestCase
 
   end
 
+  def test_overflow
+    assert_raise(ArgumentError, Errno::ERANGE) {
+      Date.new(2000,1,1).strftime("%2147483647c")
+    }
+    assert_raise(ArgumentError, Errno::ERANGE) {
+      DateTime.new(2000,1,1).strftime("%2147483647c")
+    }
+  end
 end
-- 
cgit v1.2.3