* file.c (file_expand_path): check invalid access.

git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@18905 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: mame <mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-08-28 15:03:38 +0000
committer: mame <mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-08-28 15:03:38 +0000
commit: 4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e (patch)
tree: f94240f9979603396736cd023ee82ac595737901
parent: d954aa903a0c1f2f57353f46801dd785268788aa (diff)
download: ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.tar.gz
ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.tar.xz
ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.zip
2 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index abd6d3569..b2885331c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Fri Aug 29 00:03:13 2008  Yusuke Endoh  <mame@tsg.ne.jp>
+
+	* file.c (file_expand_path): check invalid access.
+
 Thu Aug 28 23:55:50 2008  Shugo Maeda  <shugo@ruby-lang.org>
 
 	* strftime.c (rb_strftime): Time.mktime(2000).strftime("%-S") should
diff --git a/file.c b/file.c
index fbbea2328..0cd90afb8 100644
--- a/file.c
+++ b/file.c
@@ -2734,6 +2734,7 @@ file_expand_path(VALUE fname, VALUE dname, int abs_mode, VALUE result)
 	*p = '/';
     }
 
+    BUFCHECK(bdiff + 1 >= buflen);
     p[1] = 0;
     root = skipprefix(buf);
author	mame <mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-08-28 15:03:38 +0000
committer	mame <mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-08-28 15:03:38 +0000
commit	4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e (patch)
tree	f94240f9979603396736cd023ee82ac595737901
parent	d954aa903a0c1f2f57353f46801dd785268788aa (diff)
download	ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.tar.gz ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.tar.xz ruby-4cae8efb7a2c96b1f8f2bbde0480bf68c453c84e.zip