kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* ext/zlib/zlib.c (gzfile_read_header): Ensure that each section of

Browse source 
gzip header is readable to avoid SEGV.

* test/zlib/test_zlib.rb (test_corrupted_header): Test it.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33023 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nahi 2011-08-23 02:36:13 +00:00
parent 4ed4711361
commit e3e985064a
3 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -1,3 +1,10 @@
Tue Aug 23 11:27:26 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
* ext/zlib/zlib.c (gzfile_read_header): Ensure that each section of
gzip header is readable to avoid SEGV.
* test/zlib/test_zlib.rb (test_corrupted_header): Test it.
Mon Aug 22 23:43:33 2011 CHIKANAGA Tomoyuki <nagachika00@gmail.com> Mon Aug 22 23:43:33 2011 CHIKANAGA Tomoyuki <nagachika00@gmail.com>
* sprintf.c (rb_str_format): add RB_GC_GUARD to prevent temporary * sprintf.c (rb_str_format): add RB_GC_GUARD to prevent temporary

6
ext/zlib/zlib.c
View file

@ -2306,6 +2306,9 @@ gzfile_read_header(struct gzfile *gz)
zstream_discard_input(&gz->z, 2 + len); zstream_discard_input(&gz->z, 2 + len);
} }
if (flags & GZ_FLAG_ORIG_NAME) { if (flags & GZ_FLAG_ORIG_NAME) {
if (!gzfile_read_raw_ensure(gz, 1)) {
rb_raise(cGzError, "unexpected end of file");
}
p = gzfile_read_raw_until_zero(gz, 0); p = gzfile_read_raw_until_zero(gz, 0);
len = p - RSTRING_PTR(gz->z.input); len = p - RSTRING_PTR(gz->z.input);
gz->orig_name = rb_str_new(RSTRING_PTR(gz->z.input), len); gz->orig_name = rb_str_new(RSTRING_PTR(gz->z.input), len);
@ -2313,6 +2316,9 @@ gzfile_read_header(struct gzfile *gz)
zstream_discard_input(&gz->z, len + 1); zstream_discard_input(&gz->z, len + 1);
} }
if (flags & GZ_FLAG_COMMENT) { if (flags & GZ_FLAG_COMMENT) {
if (!gzfile_read_raw_ensure(gz, 1)) {
rb_raise(cGzError, "unexpected end of file");
}
p = gzfile_read_raw_until_zero(gz, 0); p = gzfile_read_raw_until_zero(gz, 0);
len = p - RSTRING_PTR(gz->z.input); len = p - RSTRING_PTR(gz->z.input);
gz->comment = rb_str_new(RSTRING_PTR(gz->z.input), len); gz->comment = rb_str_new(RSTRING_PTR(gz->z.input), len);

14
test/zlib/test_zlib.rb
View file

@ -694,6 +694,20 @@ if defined? Zlib
assert_equal("foo", Zlib::GzipReader.wrap(f) {|gz| gz.read }) assert_equal("foo", Zlib::GzipReader.wrap(f) {|gz| gz.read })
assert_raise(IOError) { f.close } assert_raise(IOError) { f.close }
end end
def test_corrupted_header
gz = Zlib::GzipWriter.new(StringIO.new(s = ""))
gz.orig_name = "X"
gz.comment = "Y"
gz.print("foo")
gz.finish
# 14: magic(2) + method(1) + flag(1) + mtime(4) + exflag(1) + os(1) + orig_name(2) + comment(2)
1.upto(14) do |idx|
assert_raise(Zlib::GzipFile::Error, idx) do
Zlib::GzipReader.new(StringIO.new(s[0, idx])).read
end
end
end
end end
class TestZlibGzipWriter < Test::Unit::TestCase class TestZlibGzipWriter < Test::Unit::TestCase