File CVE-2013-4164.patch of Package ruby20.openSUSE_13.1_Update

diff -Naur a/ChangeLog b/ChangeLog
--- a/ChangeLog	2013-06-27 13:11:11.000000000 +0200
+++ b/ChangeLog	2013-11-23 19:43:53.298338061 +0100
@@ -1,3 +1,8 @@
+Fri Nov 22 12:46:08 2013  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+ * util.c (ruby_strtod): ignore too long fraction part, which does not
+   affect the result.
+
 Thu Jun 27 20:10:56 2013  CHIKANAGA Tomoyuki  <nagachika@ruby-lang.org>
 
 	* ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix
diff -Naur a/test/ruby/test_float.rb b/test/ruby/test_float.rb
--- a/test/ruby/test_float.rb	2012-11-07 08:03:53.000000000 +0100
+++ b/test/ruby/test_float.rb	2013-11-23 19:43:53.298338061 +0100
@@ -613,4 +613,10 @@
     # always not flonum
     assert_raise(TypeError) { a = Float::INFINITY; def a.foo; end }
   end
+
+  def test_long_string
+    assert_separately([], <<-'end;')
+    assert_in_epsilon(10.0, ("1."+"1"*300000).to_f*9)
+    end;
+  end
 end
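Review bot: This test may no longer reach the new `k > Kmax` branches in Balloc and Bfree, because the cutoff added to ruby_strtod in the same patch stops accumulating fraction digits long before a large Bigint is needed (inferred from the util.c hunks; the full parser is not shown). As written it pins the truncation and the numeric result only. I would add a second case that still allocates a Bigint above Kmax so the MALLOC/FREE path is exercised, and put a comment above the test such as `# regression test for CVE-2013-4164: a very long fraction must not crash the parser`. The enclosing test class begins outside the hunk.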
diff -Naur a/util.c b/util.c
--- a/util.c	2012-05-17 04:48:59.000000000 +0200
+++ b/util.c	2013-11-23 19:43:53.299338061 +0100
@@ -715,6 +715,11 @@
 #else
 #define MALLOC malloc
 #endif
+#ifdef FREE
+extern void FREE(void*);
+#else
+#define FREE free
+#endif
 
 #ifndef Omit_Private_Memory
 #ifndef PRIVATE_MEM
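Review bot: Nothing in this block ties FREE to MALLOC, so a build that predefines MALLOC but not FREE would make the new `FREE(v)` path in Bfree release allocator-specific memory with plain `free`. Whether both macros are defined together elsewhere in util.c is not visible here. I would add a comment above the block, `/* FREE must release what MALLOC returns; define both or neither. */`, so the pairing is explicit for anyone building this file with a custom allocator.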
@@ -1005,7 +1010,7 @@
 #endif
 
     ACQUIRE_DTOA_LOCK(0);
-    if ((rv = freelist[k]) != 0) {
+    if (k <= Kmax && (rv = freelist[k]) != 0) {
         freelist[k] = rv->next;
     }
     else {
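Review bot: The `k <= Kmax` guard on the freelist lookup, the matching guard on the private_mem branch in the next hunk, and the `v->k > Kmax` early return in Bfree all rely on one unstated invariant: a Bigint with k > Kmax always comes from MALLOC, never from freelist or private_mem. If any one of the three is changed alone, Bfree would either index freelist out of bounds again or hand a private_mem pointer to FREE. A comment at this line would make that explicit, e.g. `/* k > Kmax has no freelist slot; such blocks always come from MALLOC and are FREEd in Bfree */`. Balloc's body starts and ends outside the hunk, so whether k can also be negative here is not visible.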
@@ -1015,7 +1020,7 @@
 #else
         len = (sizeof(Bigint) + (x-1)*sizeof(ULong) + sizeof(double) - 1)
                 /sizeof(double);
-        if (pmem_next - private_mem + len <= PRIVATE_mem) {
+        if (k <= Kmax && pmem_next - private_mem + len <= PRIVATE_mem) {
             rv = (Bigint*)pmem_next;
             pmem_next += len;
         }
@@ -1034,6 +1039,10 @@
 Bfree(Bigint *v)
 {
     if (v) {
+        if (v->k > Kmax) {
+            FREE(v);
+            return;
+        }
         ACQUIRE_DTOA_LOCK(0);
         v->next = freelist[v->k];
         freelist[v->k] = v;
@@ -2097,6 +2106,7 @@
         for (; c >= '0' && c <= '9'; c = *++s) {
 have_dig:
             nz++;
+            if (nf > DBL_DIG * 4) continue;
             if (c -= '0') {
                 nf += nz;
                 for (i = 1; i < nz; i++)
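Review bot: The cutoff `DBL_DIG * 4` at the added `continue` is a bare magic number, justified only by the ChangeLog's statement that the ignored digits do not affect the result. A comment should record that at the point of use, e.g. `/* fraction digits past DBL_DIG * 4 are skipped to bound Bigint size; assumed not to change the rounded value */`. Inputs very close to a rounding boundary can depend on later digits, so the assumption is worth confirming. Also, `nz++` still runs for every skipped digit, so nz keeps growing with input length; its type is declared outside the hunk, and if it is a plain int an extremely long digit run could overflow it. ruby_strtod's body starts and ends outside the hunk.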