Fix integer overflow; fix #3473

The fix is suggested by https://hackerone.com/lucnguyen
mruby · Feb 28, 2017 · 7db0786abdd243ba031e24683f6140f410b65588 · 7db0786
1 parent 405f5a2
commit 7db0786abdd243ba031e24683f6140f410b65588
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/string.c b/src/string.c
@@ -469,7 +469,7 @@ str_substr(mrb_state *mrb, mrb_value str, mrb_int beg, mrb_int len)
     beg += clen;
     if (beg < 0) return mrb_nil_value();
   }
-  if (beg + len > clen)
+  if (len > clen - beg)
     len = clen - beg;
   if (len <= 0) {
     len = 0;