Permalink
Browse files

Fix integer overflow; fix #3473

The fix is suggested by https://hackerone.com/lucnguyen
  • Loading branch information...
matz committed Feb 28, 2017
1 parent 405f5a2 commit 7db0786abdd243ba031e24683f6140f410b65588
Showing with 1 addition and 1 deletion.
  1. +1 −1 src/string.c
View
@@ -469,7 +469,7 @@ str_substr(mrb_state *mrb, mrb_value str, mrb_int beg, mrb_int len)
beg += clen;
if (beg < 0) return mrb_nil_value();
}
if (beg + len > clen)
if (len > clen - beg)
len = clen - beg;
if (len <= 0) {
len = 0;

0 comments on commit 7db0786

Please sign in to comment.