kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

ossl.c: integer overflow

Browse source 
* ext/openssl/ossl.c (string2hex): fix signed integer overflow.
  [ruby-core:51711] [Bug ] [Fixes GH-242]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2013-12-24 16:44:49 +00:00
parent b06f4a9398
commit 3e37a7f745
1 changed files with 3 additions and 2 deletions

5
ext/openssl/ossl.c
View file

@ -18,11 +18,12 @@ int
string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
{
static const char hex[]="0123456789abcdef";
int i, len = 2 * buf_len;
int i, len;
if (buf_len < 0 || len < buf_len) { /* PARANOIA? */
if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
return -1;
}
len = 2 * buf_len;
if (!hexbuf) { /* if no buf, return calculated len */
if (hexbuf_len) {
*hexbuf_len = len;