Project

General

Profile

« Previous | Next » 

Revision 17460

  • array.c (ary_new, rb_ary_initialize, rb_ary_store,
    rb_ary_aplice, rb_ary_times): integer overflows should be
    checked. based on patches from Drew Yao
    fixed CVE-2008-2726

  • string.c (rb_str_buf_append): fixed unsafe use of alloca,
    which led memory corruption. based on a patch from Drew Yao
    fixed CVE-2008-2726

  • sprintf.c (rb_str_format): backported from trunk.

  • intern.h: ditto.