diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-04-14 03:58:35 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-04-14 03:58:35 +0000 |
commit | 6be73862186f958638776b7b8545f26f7010f97b (patch) | |
tree | a7d38d5822f0bfde2395c427011ccd1a37258a29 | |
parent | b2dde8243ba18a68010e4b1f3b720c093a7c48a3 (diff) | |
download | bundler-6be73862186f958638776b7b8545f26f7010f97b.tar.gz |
* array.c (ary_new): new integer overflow check condition.
suggested by TOYOFUKU Chikanobu <nobu_toyofuku at nifty.com> in
[ruby-dev:34156].
* array.c (rb_ary_initialize): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15997 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | array.c | 4 |
2 files changed, 10 insertions, 2 deletions
@@ -6,6 +6,14 @@ Mon Apr 14 12:52:25 2008 Nobuyoshi Nakada <nobu@ruby-lang.org> * gc.c (finalizers): removed. [ruby-dev:34349] +Mon Apr 14 11:30:07 2008 Yukihiro Matsumoto <matz@ruby-lang.org> + + * array.c (ary_new): new integer overflow check condition. + suggested by TOYOFUKU Chikanobu <nobu_toyofuku at nifty.com> in + [ruby-dev:34156]. + + * array.c (rb_ary_initialize): ditto. + Mon Apr 14 00:51:40 2008 Yusuke Endoh <mame@tsg.ne.jp> * test/ruby/test_parse.rb: add tests to achieve over 95% test coverage @@ -114,7 +114,7 @@ ary_new(VALUE klass, long len) if (len < 0) { rb_raise(rb_eArgError, "negative array size (or size too big)"); } - if (len > 0 && len * (long)sizeof(VALUE) <= len) { + if (len > LONG_MAX / sizeof(VALUE)) { rb_raise(rb_eArgError, "array size too big"); } ary = ary_alloc(klass); @@ -313,7 +313,7 @@ rb_ary_initialize(int argc, VALUE *argv, VALUE ary) if (len < 0) { rb_raise(rb_eArgError, "negative array size"); } - if (len > 0 && len * (long)sizeof(VALUE) <= len) { + if (len > LONG_MAX / sizeof(VALUE)) { rb_raise(rb_eArgError, "array size too big"); } rb_ary_modify(ary); |