Permalink
Browse files

ruby.c: check argc

* ruby.c (proc_options): check argc before dereference of argv, to get
  rid of potential out-of-bound access.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44882 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
  • Loading branch information...
1 parent 93cf7aa commit 8ca2f8565dace585513b92300fefc5935667e924 @nobu nobu committed Feb 7, 2014
Showing with 6 additions and 13 deletions.
  1. +6 −13 ruby.c
View
19 ruby.c
@@ -897,11 +897,9 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt)
if (envopt) goto noenvopt;
forbid_setid("-e");
if (!*++s) {
- s = argv[1];
- argc--, argv++;
- }
- if (!s) {
- rb_raise(rb_eRuntimeError, "no code specified for -e");
+ if (!--argc)
+ rb_raise(rb_eRuntimeError, "no code specified for -e");
+ s = *++argv;
}
if (!opt->e_script) {
opt->e_script = rb_str_new(0, 0);
@@ -917,7 +915,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt)
if (*++s) {
add_modules(&opt->req_list, s);
}
- else if (argv[1]) {
+ else if (argc > 1) {
add_modules(&opt->req_list, argv[1]);
argc--, argv++;
}
@@ -941,12 +939,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt)
case 'C':
case 'X':
if (envopt) goto noenvopt;
- s++;
- if (!*s) {
- s = argv[1];
- argc--, argv++;
- }
- if (!s || !*s) {
+ if (!*++s && (!--argc || !(s = *++argv) || !*s)) {
rb_fatal("Can't chdir");
}
if (chdir(s) < 0) {
@@ -1017,7 +1010,7 @@ proc_options(long argc, char **argv, struct cmdline_options *opt, int envopt)
forbid_setid("-I");
if (*++s)
ruby_incpush_expand(s);
- else if (argv[1]) {
+ else if (argc > 1) {
ruby_incpush_expand(argv[1]);
argc--, argv++;
}

0 comments on commit 8ca2f85

Please sign in to comment.