Bug #22112: Backport for IO::Buffer USF issues - Ruby - Ruby Issue Tracking System

Actions

Bug #22112

closed

Backport for IO::Buffer USF issues

Bug #22112: Backport for IO::Buffer USF issues

Added by nagachika (Tomoyuki Chikanaga) about 18 hours ago. Updated about 18 hours ago.

Status:

Closed

Assignee:

-

Target version:

-

ruby -v:

Backport:

3.3: REQUIRED, 3.4: DONE, 4.0: REQUIRED

[ruby-core:125756]

Description

The following commits are a series of fixes for IO::Buffer use-after-free issues across multiple methods.

Please backport them to the stable branches.

2552db04ddc44349c7b0f5f93aeb0fb02eccb509 (Fix UAF in IO::Buffer#&)
95626e3a9c59cd073221c08ed013ed0f2d655b6f (Fix UAF in IO::Buffer#|)
90ed85f91ed8c9df26efcbdc5e6a1b428be3ef06 (Fix UAF in IO::Buffer#^)
3373fcc2dee7c4560d2c3e4280c549cdb1b5de63 (Fix UAF in IO::Buffer#~)
4bd3e14fc2623414680008c7b1d38f1a3df2877e (Fix UAF in IO::Buffer#and!, IO::Buffer#or!, IO::Buffer#xor!)
2c8002d58302e4fff51484826e1fd706cc2bfb19 (Validate the buffer after argument conversion)
773e0c3a0f2ab2bd235c8d44cad1f999bfe2514b (Validate the buffer after type argument conversion)

Updated by nagachika (Tomoyuki Chikanaga) about 18 hours ago Actions
Copy link
#1 [ruby-core:125757]

Backport changed from 3.3: REQUIRED, 3.4: REQUIRED, 4.0: REQUIRED to 3.3: REQUIRED, 3.4: DONE, 4.0: REQUIRED

ruby_3_4 e0eec88ee589286f13f453b10e95098c5150a60f merged revision(s) 2552db04ddc44349c7b0f5f93aeb0fb02eccb509, 95626e3a9c59cd073221c08ed013ed0f2d655b6f, 90ed85f91ed8c9df26efcbdc5e6a1b428be3ef06, 3373fcc2dee7c4560d2c3e4280c549cdb1b5de63, 4bd3e14fc2623414680008c7b1d38f1a3df2877e, 2c8002d58302e4fff51484826e1fd706cc2bfb19, 773e0c3a0f2ab2bd235c8d44cad1f999bfe2514b.

Actions

Also available in: PDF Atom