1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* array.c (rb_ary_store, rb_ary_splice): not depend on unspecified

Browse Source 
behavior at integer overflow.

* string.c (str_buf_cat): ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@17472 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2008-06-20 06:42:07 +00:00
parent 72dd5fdc47
commit e1a45b10b6
2 changed files with 30 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
array.c
View File

@ -383,7 +383,7 @@ rb_ary_store(VALUE ary, long idx, VALUE val)
if (new_capa < ARY_DEFAULT_SIZE) { if (new_capa < ARY_DEFAULT_SIZE) {
new_capa = ARY_DEFAULT_SIZE; new_capa = ARY_DEFAULT_SIZE;
} }
else if (new_capa >= ARY_MAX_SIZE - idx) { if (new_capa >= ARY_MAX_SIZE - idx) {
new_capa = (ARY_MAX_SIZE - idx) / 2; new_capa = (ARY_MAX_SIZE - idx) / 2;
} }
new_capa += idx; new_capa += idx;
@ -986,10 +986,10 @@ rb_ary_splice(VALUE ary, long beg, long len, VALUE rpl)
} }
rb_ary_modify(ary); rb_ary_modify(ary);
if (beg >= RARRAY_LEN(ary)) { if (beg >= RARRAY_LEN(ary)) {
len = beg + rlen; if (beg > ARY_MAX_SIZE - rlen) {
if (len < 0 || len > ARY_MAX_SIZE) {
rb_raise(rb_eIndexError, "index %ld too big", beg); rb_raise(rb_eIndexError, "index %ld too big", beg);
} }
len = beg + rlen;
if (len >= ARY_CAPA(ary)) { if (len >= ARY_CAPA(ary)) {
RESIZE_CAPA(ary, len); RESIZE_CAPA(ary, len);
} }

70
string.c
View File

@ -1394,16 +1394,16 @@ rb_str_resize(VALUE str, long len)
return str; return str;
} }
VALUE static long
rb_str_buf_cat(VALUE str, const char *ptr, long len) str_buf_cat(VALUE str, const char *ptr, long len)
{ {
long capa, total; long capa, total, off = -1;
if (len == 0) return str; if (ptr >= RSTRING_PTR(str) && ptr <= RSTRING_END(str)) {
if (len < 0) { off = ptr - RSTRING_PTR(str);
rb_raise(rb_eArgError, "negative string size (or size too big)");
} }
rb_str_modify(str); rb_str_modify(str);
if (len == 0) return 0;
if (STR_ASSOC_P(str)) { if (STR_ASSOC_P(str)) {
FL_UNSET(str, STR_ASSOC); FL_UNSET(str, STR_ASSOC);
capa = RSTRING(str)->as.heap.aux.capa = RSTRING_LEN(str); capa = RSTRING(str)->as.heap.aux.capa = RSTRING_LEN(str);
@ -1414,13 +1414,23 @@ rb_str_buf_cat(VALUE str, const char *ptr, long len)
else { else {
capa = RSTRING(str)->as.heap.aux.capa; capa = RSTRING(str)->as.heap.aux.capa;
} }
if (RSTRING_LEN(str) >= LONG_MAX - len) {
rb_raise(rb_eArgError, "string sizes too big");
}
total = RSTRING_LEN(str)+len; total = RSTRING_LEN(str)+len;
if (capa <= total) { if (capa <= total) {
while (total > capa) { while (total > capa) {
if (capa + 1 >= LONG_MAX / 2) {
capa = (total + 4095) / 4096;
break;
}
capa = (capa + 1) * 2; capa = (capa + 1) * 2;
} }
RESIZE_CAPA(str, capa); RESIZE_CAPA(str, capa);
} }
if (off != -1) {
ptr = RSTRING_PTR(str) + off;
}
memcpy(RSTRING_PTR(str) + RSTRING_LEN(str), ptr, len); memcpy(RSTRING_PTR(str) + RSTRING_LEN(str), ptr, len);
STR_SET_LEN(str, total); STR_SET_LEN(str, total);
RSTRING_PTR(str)[total] = '\0'; /* sentinel */ RSTRING_PTR(str)[total] = '\0'; /* sentinel */
@ -1428,6 +1438,16 @@ rb_str_buf_cat(VALUE str, const char *ptr, long len)
return str; return str;
} }
VALUE
rb_str_buf_cat(VALUE str, const char *ptr, long len)
{
if (len == 0) return str;
if (len < 0) {
rb_raise(rb_eArgError, "negative string size (or size too big)");
}
return str_buf_cat(str, ptr, len);
}
VALUE VALUE
rb_str_buf_cat2(VALUE str, const char *ptr) rb_str_buf_cat2(VALUE str, const char *ptr)
{ {
@ -1463,8 +1483,6 @@ static VALUE
rb_enc_cr_str_buf_cat(VALUE str, const char *ptr, long len, rb_enc_cr_str_buf_cat(VALUE str, const char *ptr, long len,
int ptr_encindex, int ptr_cr, int *ptr_cr_ret) int ptr_encindex, int ptr_cr, int *ptr_cr_ret)
{ {
long capa, total, off = -1;
int str_encindex = ENCODING_GET(str); int str_encindex = ENCODING_GET(str);
int res_encindex; int res_encindex;
int str_cr, res_cr; int str_cr, res_cr;
@ -1543,41 +1561,7 @@ rb_enc_cr_str_buf_cat(VALUE str, const char *ptr, long len,
if (len < 0) { if (len < 0) {
rb_raise(rb_eArgError, "negative string size (or size too big)"); rb_raise(rb_eArgError, "negative string size (or size too big)");
} }
if (ptr >= RSTRING_PTR(str) && ptr <= RSTRING_END(str)) { str_buf_cat(str, ptr, len);
off = ptr - RSTRING_PTR(str);
}
rb_str_modify(str);
if (len == 0) {
ENCODING_CODERANGE_SET(str, res_encindex, res_cr);
return str;
}
if (STR_ASSOC_P(str)) {
FL_UNSET(str, STR_ASSOC);
capa = RSTRING(str)->as.heap.aux.capa = RSTRING_LEN(str);
}
else if (STR_EMBED_P(str)) {
capa = RSTRING_EMBED_LEN_MAX;
}
else {
capa = RSTRING(str)->as.heap.aux.capa;
}
total = RSTRING_LEN(str)+len;
if (total < 0 || capa + 1 > LONG_MAX / 2) {
rb_raise(rb_eArgError, "string sizes too big");
}
if (capa <= total) {
while (total > capa) {
capa = (capa + 1) * 2;
}
RESIZE_CAPA(str, capa);
}
if (off != -1) {
ptr = RSTRING_PTR(str) + off;
}
memcpy(RSTRING_PTR(str) + RSTRING_LEN(str), ptr, len);
STR_SET_LEN(str, total);
RSTRING_PTR(str)[total] = '\0'; /* sentinel */
ENCODING_CODERANGE_SET(str, res_encindex, res_cr); ENCODING_CODERANGE_SET(str, res_encindex, res_cr);
return str; return str;
} }