< :前の番号
^ :番号順リスト
> :次の番号
P :前の記事(スレッド移動)
N :次の記事(スレッド移動)
|<:前のスレッド
>|:次のスレッド
^ :返事先
_:自分への返事
>:同じ返事先を持つ記事(前)
<:同じ返事先を持つ記事(後)
---:分割してスレッド表示、再表示
| :分割して(縦)スレッド表示、再表示
~ :スレッドのフレーム消去
.:インデックス
..:インデックスのインデックス
Issue #10453 has been updated by jeremyevans0 (Jeremy Evans).
File num2chr-range-check-10453.patch added
Attached is a patch that will add a range check to `NUM2CHR`. However, it breaks a test:
```
1) Error:
TestStringIO#test_putc_nonascii:
RangeError: value to large to convert to char: 12356
/home/jeremy/tmp/ruby/test/stringio/test_stringio.rb:567:in `putc'
/home/jeremy/tmp/ruby/test/stringio/test_stringio.rb:567:in `test_putc_nonascii'
```
It is possibly, maybe even likely, that it will break third party C extensions as well (403 matches for `NUM2CHR` for Ruby on GitHub: https://github.com/search?l=Ruby&q=NUM2CHR&type=Code).
----------------------------------------
Bug #10453: NUM2CHR() does not perform additional bounds checks
https://bugs.ruby-lang.org/issues/10453#change-80644
* Author: silverhammermba (Max Anselm)
* Status: Assigned
* Priority: Normal
* Assignee: matz (Yukihiro Matsumoto)
* Target version:
* ruby -v: ruby 2.1.4p265 (2014-10-27 revision 48166) [x86_64-linux]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
`NUM2CHR()` just calls `rb_num2int_inline()` and masks off the high bytes. Consequently, passing any value larger than a `char` and no bigger than an `int` will return some garbage value (rather than raising `RangeError`).
To reproduce, compile and run:
~~~C
#include <ruby.h>
#include <limits.h>
int main(int argc, char* argv[])
{
ruby_init();
VALUE y = INT2FIX(INT_MAX);
char z = NUM2CHR(y);
printf("%hhd\n", z);
return ruby_cleanup(0);
}
~~~
Expected:
Segfault from uncaught `RangeError`.
Actual:
Prints -1
---Files--------------------------------
num2chr-range-check-10453.patch (1.35 KB)
--
https://bugs.ruby-lang.org/
Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>