Bug #9608

closed

[PATCH] avoid large alloca on Complex/Rational calls

Added by normalperson (Eric Wong) about 10 years ago. Updated almost 10 years ago.

Status: Closed
Target version: -
ruby -v: ruby 2.2.0dev (2014-03-07 trunk 45281) [x86_64-linux]
[ruby-core:61357]

Description

  • complex.c (parse_comp): replace ALLOCA_N with ALLOCV_N/ALLOCV_END
  • rational.c (read_digits): ditto

This fixes segfaults on:

Rational("1" * 16 * 1024 * 1024)
Complex("1" * 16 * 1024 * 1024)

On my system where my stack size is only 8M.

tadf: Should we raise an exception on large string instead?
Large strings are slow to parse and could still be a DoS.
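
The pattern behind this fix, as an added C example (not the patch itself and not code from the Ruby source): the scratch buffer stays on the stack only below a fixed bound and otherwise comes from the heap, so input length can no longer overrun the stack. `scan_digits`, `STACK_LIMIT` and the `max_len` cap, which corresponds to the question about refusing large strings, are hypothetical names and values.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STACK_LIMIT 1024  /* assumed threshold for this sketch */

enum scratch { REJECTED = -2, NOMEM = -1, ON_STACK = 0, ON_HEAP = 1 };

/* Hypothetical digit reader: copies the leading decimal digits of s into a
 * scratch buffer and stores how many it found in *ndigits. Inputs longer
 * than max_len are refused before any allocation happens. */
static enum scratch
scan_digits(const char *s, size_t len, size_t max_len, size_t *ndigits)
{
    char small[STACK_LIMIT];   /* stack use is bounded whatever len is */
    char *buf = small;
    enum scratch where = ON_STACK;
    size_t n = 0;

    if (len > max_len || len == SIZE_MAX) return REJECTED;
    if (len + 1 > sizeof(small)) {   /* too large for the stack buffer */
        buf = malloc(len + 1);
        if (buf == NULL) return NOMEM;
        where = ON_HEAP;
    }
    while (n < len && isdigit((unsigned char)s[n])) {
        buf[n] = s[n];
        n++;
    }
    buf[n] = '\0';
    *ndigits = strlen(buf);
    if (where == ON_HEAP) free(buf); /* release only what came from the heap */
    return where;
}

int main(void)
{
    size_t len = 16u * 1024 * 1024, n = 0;  /* constructed 16 MiB input */
    char *big = malloc(len);
    if (big == NULL) return 1;
    memset(big, '1', len);
    printf("small:  %d\n", scan_digits("12345x", 6, len, &n));
    printf("large:  %d\n", scan_digits(big, len, len, &n));
    printf("capped: %d\n", scan_digits(big, len, 4096, &n));
    free(big);
    return 0;
}
```

With an unbounded `alloca` in place of the two-way choice, the 16 MiB call would need more stack than the 8M limit mentioned in the report.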


Updated by tadf (tadayoshi funaba) almost 10 years ago

I'd like to try it; please commit it.

Updated by Anonymous almost 10 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

Applied in changeset r45793.


avoid large alloca on Complex/Rational calls

  • complex.c (parse_comp): replace ALLOCA_N with ALLOCV_N/ALLOCV_END
    [Bug #9608]
  • rational.c (read_digits): ditto

Updated by usa (Usaku NAKAMURA) almost 10 years ago

  • Backport changed from 1.9.3: UNKNOWN, 2.0.0: REQUIRED, 2.1: REQUIRED to 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: REQUIRED

Backported into ruby_2_0_0 at r46578.

Updated by nagachika (Tomoyuki Chikanaga) almost 10 years ago

  • Backport changed from 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: REQUIRED to 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: DONE

Backported into ruby_2_1 at r46612.
