[ruby-dev:48253] [ruby-trunk - Bug #9868] [Open] bigdecimal#VpAlloc causes out-of-bounds read

From: mame@...
Date: 2014-05-27 15:48:03 UTC
List: ruby-dev #48253
Issue #9868 has been reported by Yusuke Endoh.

----------------------------------------
Bug #9868: bigdecimal#VpAlloc causes out-of-bounds read
https://bugs.ruby-lang.org/issues/9868

* Author: Yusuke Endoh
* Status: Open
* Priority: Normal
* Assignee: Kenta Murata
* Category: ext
* Target version: current: 2.2.0
* ruby -v: ruby 2.2.0dev (2014-05-25 trunk 46107) [x86_64-linux]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
Applying a patch like the following

~~~
diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c
index 44e13a4..400dda0 100644
--- a/ext/bigdecimal/bigdecimal.c
+++ b/ext/bigdecimal/bigdecimal.c
@@ -3911,6 +3911,7 @@ VpAlloc(size_t mx, const char *szVal)
     }
     /* Skip trailing spaces */
     while (--i > 0) {
+       printf("dereference psz[%lu]\n", i);
        if (ISSPACE(psz[i])) psz[i] = 0;
        else break;
     }
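Review bot: the wrap this instrumentation exposes sits in the unchanged loop header `while (--i > 0)`: `i` appears to be a `size_t` (the printed index 18446744073709551615 is SIZE_MAX on x86_64), so when `i` is already 0 the pre-decrement wraps to SIZE_MAX, the condition stays true and `psz[i]` is read far outside the buffer. Test before decrementing, e.g. `while (i > 1 && ISSPACE(psz[i - 1])) psz[--i] = 0;`, or return early when `i == 0`. Minor: the added `printf` passes a `size_t` to `%lu`; `%zu` is the matching conversion.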
~~~

and running the following code,

~~~
$ ./ruby -I .ext/x86_64-linux/ -I . -I lib -r bigdecimal -e 'p BigDecimal.new("#")'
dereference psz[1]
dereference psz[8]
dereference psz[2]
dereference psz[18446744073709551615]
#<BigDecimal:7f06266cb820,'0.0',9(9)>
~~~

a dereference that is clearly wrong at a glance can be observed.
Coverity Scan found this for us.

-- 
Yusuke Endoh <[email protected]>
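The unsigned wrap behind the reported read, as an added C example that is not part of the report or of bigdecimal's own code: `buggy_oob_index` models the traversal of the "skip trailing spaces" loop with a bounds check in place of the dereference, and `trim_trailing_spaces_fixed` is a hypothetical hardened form of the same loop. The sample strings and the starting value of `i` are constructed.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the "skip trailing spaces" loop in the report, with the
 * dereference replaced by a bounds check. Returns the first index the
 * loop would read outside [0, len), or 0 if every access stays in
 * bounds (the loop itself never reaches index 0). */
static size_t buggy_oob_index(const char *psz, size_t len, size_t i)
{
    while (--i > 0) {                       /* i == 0 wraps to SIZE_MAX */
        if (i >= len) return i;             /* original reads psz[i] here */
        if (!isspace((unsigned char)psz[i])) break;
    }
    return 0;
}

/* Hardened loop: test before decrementing, so i == 0 ends the loop
 * instead of wrapping. Like the original it leaves psz[0] alone.
 * Trims in place and returns the new length. */
static size_t trim_trailing_spaces_fixed(char *psz, size_t len)
{
    size_t i = len;
    while (i > 1 && isspace((unsigned char)psz[i - 1]))
        psz[--i] = '\0';
    return i;
}

/* Copies a constructed sample into a scratch buffer and trims it. */
static size_t fixed_trimmed_len(const char *s)
{
    char buf[64];
    size_t len = strlen(s);
    if (len >= sizeof buf) return (size_t)-1;   /* samples are short */
    memcpy(buf, s, len + 1);
    return trim_trailing_spaces_fixed(buf, len);
}

int main(void)
{
    /* Constructed inputs: "#" with i == 0 reproduces the reported index. */
    printf("buggy, \"#\" with i=0: reads psz[%zu]\n", buggy_oob_index("#", 1, 0));
    printf("buggy, \"1.5  \" with i=5: oob index %zu (0 = none)\n",
           buggy_oob_index("1.5  ", 5, 5));
    printf("fixed, \"1.5  \": trimmed length %zu\n", fixed_trimmed_len("1.5  "));
    return 0;
}
```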



-- 
https://bugs.ruby-lang.org/
