Fix integer overflow; fix #3473

The fix is suggested by https://hackerone.com/lucnguyen
mruby · Feb 28, 2017 · 7db0786abdd243ba031e24683f6140f410b65588 · 7db0786
1 parent 405f5a2
commit 7db0786abdd243ba031e24683f6140f410b65588
Unified Split

Showing with 1 addition and 1 deletion.

+1 −1 src/string.c
diff --git a/src/string.c b/src/string.c
@@ -469,7 +469,7 @@ str_substr(mrb_state *mrb, mrb_value str, mrb_int beg, mrb_int len)
    beg += clen;
    if (beg < 0) return mrb_nil_value();
  }
-  if (beg + len > clen)
+  if (len > clen - beg)
    len = clen - beg;
  if (len <= 0) {
    len = 0;