--
-$Id: ChangeLog 67 2005-06-29 15:44:09Z tilman $
+$Id: ChangeLog 68 2005-06-29 16:50:47Z tilman $
++
2005-06-29 Tilman Sauerbeck (tilman at code-monkey de)
global variable
* ext/ext.c: Remove unneeded StringValue() calls in
chunk_serialize()
+ * ext/ext.c: Properly check for an integer overflow when
+ computing the total buffer size in Chunk#initialize
2005-06-28 Tilman Sauerbeck (tilman at code-monkey de)
* ext/ext.c: Removed stray backslash
/*
- * $Id: ext.c 67 2005-06-29 15:44:09Z tilman $
+ * $Id: ext.c 68 2005-06-29 16:50:47Z tilman $
*
* Copyright (c) 2005 Tilman Sauerbeck (tilman at code-monkey de)
*
static VALUE
chunk_init (VALUE self, VALUE tag, VALUE data)
{
- unsigned long len;
+ long tag_len, data_len, tmp;
StringValue (tag);
StringValue (data);
/* libeet uses a signed 32bit integer to store the
* chunk size, so make sure we don't overflow it
*/
- len = RSTRING (tag)->len + 1 + RSTRING (data)->len;
- if (len < 0 || len >= 2147483647L)
+ tag_len = RSTRING (tag)->len;
+ data_len = RSTRING (data)->len;
+ tmp = tag_len + 1 + data_len;
+
+ if (tmp < tag_len || tmp < data_len || tmp < 1 || tmp >= 2147483647L)
rb_raise (rb_eArgError, "tag or data too long");
rb_ivar_set (self, id_tag, rb_str_dup_frozen (tag));
projects / ruby-eet.git / commitdiff