archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-08-15 13:39:04 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Avoid illegal pointer

Browse source 
When loading a crafted marshal data of Random, a pointer to an illegal
address was created. I don't think there is any harm since the data is
normalized before access, but just to be safe, I add a check to make it
an error.
This commit is contained in:
Yusuke Endoh 2024-11-29 02:16:39 +09:00
parent 803eed6943
commit 50a34637a4
Notes: git 2024-11-28 18:02:09 +00:00
2 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
random.c
View file

@ -895,7 +895,7 @@ rand_mt_load(VALUE obj, VALUE dump)
sizeof(*mt->state), 0,
INTEGER_PACK_LSWORD_FIRST|INTEGER_PACK_NATIVE_BYTE_ORDER);
x = NUM2ULONG(left);
if (x > numberof(mt->state)) {
if (x > numberof(mt->state) || x == 0) {
rb_raise(rb_eArgError, "wrong value");
}
mt->left = (unsigned int)x;