From 5de7917c8e3014dfea6fa3efa88fc17049aff273 Mon Sep 17 00:00:00 2001
From: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Fri, 8 Oct 2004 03:36:54 +0000
Subject: [PATCH] * pack.c (pack_pack): pointer modification check before each 
  iteration.  [ruby-dev:24445]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7015 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 5 +++++
 pack.c    | 3 +++
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index dbf76026c1..9856ff0954 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Fri Oct  8 09:49:32 2004  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* pack.c (pack_pack): pointer modification check before each
+	  iteration.  [ruby-dev:24445]
+
 Fri Oct  8 01:13:05 2004  Hidetoshi NAGAI  <nagai@ai.kyutech.ac.jp>
 
 	* ext/tk/lib/tk/optiondb.rb: make it more secure
diff --git a/pack.c b/pack.c
index fdca0ed028..5e7ae09e20 100644
--- a/pack.c
+++ b/pack.c
@@ -464,6 +464,9 @@ pack_pack(ary, fmt)
 #define NEXTFROM (items-- > 0 ? RARRAY(ary)->ptr[idx++] : (rb_raise(rb_eArgError, toofew),0))
 
     while (p < pend) {
+	if (RSTRING(fmt)->ptr + RSTRING(fmt)->len != pend) {
+	    rb_raise(rb_eRuntimeError, "format string modified");
+	}
 	type = *p++;		/* get data type */
 #ifdef NATINT_PACK
 	natint = 0;