Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

cherry pick 46cd2f4 for CVE-2013-4164 #457

Closed
wants to merge 1 commit into from

2 participants

@hone

merge revision(s) 43775:

* util.c (ruby_strtod): ignore too long fraction part, which does not
  affect the result.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@43778 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Conflicts:
ChangeLog
test/ruby/test_float.rb
version.h

@nagachika nagachika cherry pick 46cd2f4 for CVE-2013-4164
merge revision(s) 43775:

	* util.c (ruby_strtod): ignore too long fraction part, which does not
	  affect the result.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@43778 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Conflicts:
	ChangeLog
	test/ruby/test_float.rb
	version.h
7bfddb6
@hone hone referenced this pull request from a commit in hone/ruby
@nobu nobu merge revision(s) 43775: [Fixes GH-457]
ruby#457

    * util.c (ruby_strtod): ignore too long fraction part, which does not
      affect the result.
64e9ae9
@evanphx evanphx referenced this pull request from a commit
@hone hone merge revision(s) 43775: [Fixes GH-457]
#457

    * util.c (ruby_strtod): ignore too long fraction part, which does not
      affect the result.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@44351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
dabc903
@hone hone closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Nov 25, 2013
  1. @nagachika @hone

    cherry pick 46cd2f4 for CVE-2013-4164

    nagachika authored hone committed
    merge revision(s) 43775:
    
    	* util.c (ruby_strtod): ignore too long fraction part, which does not
    	  affect the result.
    
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@43778 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
    
    Conflicts:
    	ChangeLog
    	test/ruby/test_float.rb
    	version.h
This page is out of date. Refresh to see the latest.
Showing with 28 additions and 7 deletions.
  1. +5 −0 ChangeLog
  2. +6 −0 test/ruby/test_float.rb
  3. +12 −2 util.c
  4. +5 −5 version.h
View
5 ChangeLog
@@ -1,3 +1,8 @@
+Fri Nov 22 12:46:08 2013 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * util.c (ruby_strtod): ignore too long fraction part, which does not
+ affect the result.
+
Thu Jun 27 20:55:23 2013 URABE Shyouhei <shyouhei@ruby-lang.org>
* test/openssl/test_ssl.rb: Oops, sorry!
View
6 test/ruby/test_float.rb
@@ -171,4 +171,10 @@ def test_cmp
assert_raise(ArgumentError) { 1.0 < nil }
assert_raise(ArgumentError) { 1.0 <= nil }
end
+
+ def test_long_string
+ assert_separately([], <<-'end;')
+ assert_in_epsilon(10.0, ("1."+"1"*300000).to_f*9)
+ end;
+ end
end
View
14 util.c
@@ -892,6 +892,11 @@ extern void *MALLOC(size_t);
#else
#define MALLOC malloc
#endif
+#ifdef FREE
+extern void FREE(void*);
+#else
+#define FREE free
+#endif
#ifndef Omit_Private_Memory
#ifndef PRIVATE_MEM
@@ -1176,7 +1181,7 @@ Balloc(int k)
#endif
ACQUIRE_DTOA_LOCK(0);
- if ((rv = freelist[k]) != 0) {
+ if (k <= Kmax && (rv = freelist[k]) != 0) {
freelist[k] = rv->next;
}
else {
@@ -1186,7 +1191,7 @@ Balloc(int k)
#else
len = (sizeof(Bigint) + (x-1)*sizeof(ULong) + sizeof(double) - 1)
/sizeof(double);
- if (pmem_next - private_mem + len <= PRIVATE_mem) {
+ if (k <= Kmax && pmem_next - private_mem + len <= PRIVATE_mem) {
rv = (Bigint*)pmem_next;
pmem_next += len;
}
@@ -1205,6 +1210,10 @@ static void
Bfree(Bigint *v)
{
if (v) {
+ if (v->k > Kmax) {
+ FREE(v);
+ return;
+ }
ACQUIRE_DTOA_LOCK(0);
v->next = freelist[v->k];
freelist[v->k] = v;
@@ -2200,6 +2209,7 @@ ruby_strtod(const char *s00, char **se)
for (; c >= '0' && c <= '9'; c = *++s) {
have_dig:
nz++;
+ if (nf > DBL_DIG * 2) continue;
if (c -= '0') {
nf += nz;
for (i = 1; i < nz; i++)
View
10 version.h
@@ -1,15 +1,15 @@
#define RUBY_VERSION "1.8.7"
-#define RUBY_RELEASE_DATE "2013-06-27"
+#define RUBY_RELEASE_DATE "2013-11-22"
#define RUBY_VERSION_CODE 187
-#define RUBY_RELEASE_CODE 20130627
-#define RUBY_PATCHLEVEL 374
+#define RUBY_RELEASE_CODE 20131122
+#define RUBY_PATCHLEVEL 375
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8
#define RUBY_VERSION_TEENY 7
#define RUBY_RELEASE_YEAR 2013
-#define RUBY_RELEASE_MONTH 6
-#define RUBY_RELEASE_DAY 27
+#define RUBY_RELEASE_MONTH 11
+#define RUBY_RELEASE_DAY 22
#ifdef RUBY_EXTERN
RUBY_EXTERN const char ruby_version[];
Something went wrong with that request. Please try again.