From 8ca2f8565dace585513b92300fefc5935667e924 Mon Sep 17 00:00:00 2001 From: nobu Date: Fri, 7 Feb 2014 16:20:55 +0000 Subject: [PATCH] ruby.c: check argc * ruby.c (proc_options): check argc before dereference of argv, to get rid of potential out-of-bound access. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44882 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ruby.c | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/ruby.c b/ruby.c index a871242272e8e1..7dc6ac0087a1c3 100644 --- a/ruby.c +++ b/ruby.c @@ -897,11 +897,9 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt) if (envopt) goto noenvopt; forbid_setid("-e"); if (!*++s) { - s = argv[1]; - argc--, argv++; - } - if (!s) { - rb_raise(rb_eRuntimeError, "no code specified for -e"); + if (!--argc) + rb_raise(rb_eRuntimeError, "no code specified for -e"); + s = *++argv; } if (!opt->e_script) { opt->e_script = rb_str_new(0, 0); @@ -917,7 +915,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt) if (*++s) { add_modules(&opt->req_list, s); } - else if (argv[1]) { + else if (argc > 1) { add_modules(&opt->req_list, argv[1]); argc--, argv++; } @@ -941,12 +939,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt) case 'C': case 'X': if (envopt) goto noenvopt; - s++; - if (!*s) { - s = argv[1]; - argc--, argv++; - } - if (!s || !*s) { + if (!*++s && (!--argc || !(s = *++argv) || !*s)) { rb_fatal("Can't chdir"); } if (chdir(s) < 0) { @@ -1017,7 +1010,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt) forbid_setid("-I"); if (*++s) ruby_incpush_expand(s); - else if (argv[1]) { + else if (argc > 1) { ruby_incpush_expand(argv[1]); argc--, argv++; }