mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

[ruby/cgi] Fix integer overflow

Make use of the check in rb_alloc_tmp_buffer2.

https://hackerone.com/reports/1328463

https://github.com/ruby/cgi/commit/c728632c1c
Nobuyoshi Nakada 2021-09-03 19:40:22 +09:00 committed by git
parent 3454a456d1
commit da34f31ad0


@ -36,7 +36,8 @@ static VALUE
optimized_escape_html(VALUE str) optimized_escape_html(VALUE str)
{ {
VALUE vbuf; VALUE vbuf;
char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN); typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
const char *cstr = RSTRING_PTR(str); const char *cstr = RSTRING_PTR(str);
const char *end = cstr + RSTRING_LEN(str); const char *end = cstr + RSTRING_LEN(str);
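Review bot: The new `typedef char escape_buf[HTML_ESCAPE_MAX_LEN];` and `*ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str))` lines carry no comment, so nothing in the code tells a maintainer that the array element type exists only to move the length multiplication out of the caller's arithmetic and into the allocator, where (per the commit message) rb_alloc_tmp_buffer2 checks it. I would add above the typedef: `/* One element per input byte: ALLOCV_N multiplies the count by sizeof(escape_buf) with an overflow check; do not fold this back into RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN. */`. The leading `*` only decays the array pointer to `char *`, which is worth a few words in the same comment. The function body continues outside the hunk, so whether the later writes stay within HTML_ESCAPE_MAX_LEN bytes per input byte cannot be confirmed from here.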