diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | ext/digest/digest.c | 9 |
2 files changed, 12 insertions, 1 deletions
@@ -1,3 +1,7 @@ +Fri Oct 6 02:06:10 2006 Akinori MUSHA <knu@iDaemons.org> + + * ext/digest/digest.c (hexdigest_str_new): Add a string size check. + Thu Oct 5 19:28:35 2006 Akinori MUSHA <knu@iDaemons.org> * ext/digest/digest.[ch]: Since the argument order of diff --git a/ext/digest/digest.c b/ext/digest/digest.c index f56a1921f..63df4b126 100644 --- a/ext/digest/digest.c +++ b/ext/digest/digest.c @@ -45,7 +45,14 @@ hexdigest_str_new(const unsigned char *digest, size_t digest_len) int i; VALUE str; char *p; - static const char hex[] = "0123456789abcdef"; + static const char hex[] = { + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', + 'a', 'b', 'c', 'd', 'e', 'f' + }; + + if (LONG_MAX / 2 < digest_len) { + rb_raise(rb_eRuntimeError, "digest string too long"); + } str = rb_str_new(0, digest_len * 2); |