From c3db44dc35a0ea43a0a79c487b852b200aed73ae Mon Sep 17 00:00:00 2001 From: nobu Date: Thu, 18 Apr 2013 07:20:25 +0000 Subject: [PATCH] pack.c: refix unpack base64 * pack.c (pack_unpack): increase buffer size to fix buffer overflow, and fix garbages just after unpacking without missing paddings. [Bug #8286] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40344 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 6 ++++++ pack.c | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index c5f660ac18..99544d3d93 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +Thu Apr 18 16:20:21 2013 Nobuyoshi Nakada + + * pack.c (pack_unpack): increase buffer size to fix buffer overflow, + and fix garbages just after unpacking without missing paddings. + [Bug #8286] + Thu Apr 18 13:35:54 2013 NARUSE, Yui * pack.c (pack_unpack): output characters even if the input doesn't diff --git a/pack.c b/pack.c index e6ea8a93db..1300e43b5d 100644 --- a/pack.c +++ b/pack.c @@ -1941,7 +1941,7 @@ pack_unpack(VALUE str, VALUE fmt) case 'm': { - VALUE buf = infected_str_new(0, (send - s + 2)*3/4, str); /* +2 is for skipping paddings */ + VALUE buf = infected_str_new(0, (send - s + 3)*3/4, str); /* +3 is for skipping paddings */ char *ptr = RSTRING_PTR(buf); int a = -1,b = -1,c = 0,d = 0; static signed char b64_xtable[256]; @@ -2004,6 +2004,7 @@ pack_unpack(VALUE str, VALUE fmt) *ptr++ = castchar(a << 2 | b >> 4); *ptr++ = castchar(b << 4 | c >> 2); *ptr++ = castchar(c << 6 | d); + a = -1; } if (a != -1 && b != -1) { if (c == -1)