New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent array size calculation overflows. #3309

Merged
merged 1 commit into from Dec 1, 2016

Conversation

Projects
None yet
3 participants
@clayton-shopify
Contributor

clayton-shopify commented Nov 30, 2016

@matz

There are a couple other places where an array size calculation can overflow. First, in ary_modify where the byte size should be calculated using size_t instead of mrb_int (much like #3304). And second, in ary_concat where the addition of the two array lengths can overflow.

The following input demonstrates a segfault in ary_concat:

a = [0]
31.times { a.concat(a) }

After this change it exits with array size too big (ArgumentError).

@matz matz merged commit 61ac564 into mruby:master Dec 1, 2016

0 of 2 checks passed

continuous-integration/appveyor/pr AppVeyor build failed
Details
continuous-integration/travis-ci/pr The Travis CI build failed
Details
@tsahara

This comment has been minimized.

Show comment
Hide comment
@tsahara

tsahara Dec 1, 2016

Member

CI fails. Is compier option [-Werror=declaration-after-statement] too strict?

CC    src/array.c -> build/debug/src/array.o
/home/travis/build/mruby/mruby/src/array.c: In function ‘ary_concat’:
/home/travis/build/mruby/mruby/src/array.c:250:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
cc1: some warnings being treated as errors
Member

tsahara commented Dec 1, 2016

CI fails. Is compier option [-Werror=declaration-after-statement] too strict?

CC    src/array.c -> build/debug/src/array.o
/home/travis/build/mruby/mruby/src/array.c: In function ‘ary_concat’:
/home/travis/build/mruby/mruby/src/array.c:250:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
cc1: some warnings being treated as errors

nobu added a commit to nobu/mruby that referenced this pull request Dec 1, 2016

matz added a commit that referenced this pull request Dec 1, 2016

@matz

This comment has been minimized.

Show comment
Hide comment
@matz

matz Dec 1, 2016

Member

I know it's strict, but some compiler that is supported by mruby still complains mixed declaration.

Member

matz commented Dec 1, 2016

I know it's strict, but some compiler that is supported by mruby still complains mixed declaration.

@tsahara

This comment has been minimized.

Show comment
Hide comment
@tsahara

tsahara Dec 2, 2016

Member

Thanks nobu and matz. I like traditional syntax better than C99.

Member

tsahara commented Dec 2, 2016

Thanks nobu and matz. I like traditional syntax better than C99.

@clayton-shopify clayton-shopify deleted the clayton-shopify:fix-array-size-2 branch Dec 7, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment