Permalink
Browse files

pack.c: fix underflow

* pack.c (pack_unpack_internal): get rid of underflow.
  https://hackerone.com/reports/298246

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62992 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
  • Loading branch information...
nobu committed Mar 28, 2018
1 parent 8794dec commit d02b7bd864706fc2a40d83fb6014772ad3cc3b80
Showing with 4 additions and 1 deletion.
  1. +1 −1 pack.c
  2. +3 −0 test/ruby/test_pack.rb
2 pack.c
@@ -1128,7 +1128,7 @@ pack_unpack_internal(VALUE str, VALUE fmt, int mode)
else if (ISDIGIT(*p)) {
errno = 0;
len = STRTOUL(p, (char**)&p, 10);
if (errno) {
if (len < 0 || errno) {
rb_raise(rb_eRangeError, "pack length too big");
}
}
@@ -550,6 +550,9 @@ def test_pack_unpack_atmark
assert_equal([1, 2], "\x01\x00\x00\x02".unpack("C@3C"))
assert_equal([nil], "\x00".unpack("@1C")) # is it OK?
assert_raise(ArgumentError) { "\x00".unpack("@2C") }

pos = RbConfig::LIMITS["UINTPTR_MAX"] - 99 # -100
assert_raise(RangeError) {"0123456789".unpack("@#{pos}C10")}
end

def test_pack_unpack_percent

0 comments on commit d02b7bd

Please sign in to comment.