From: nagachika00@...
Date: 2014-06-29T17:21:57+00:00
Subject: [ruby-core:63403] [ruby-trunk - Bug #9608] [PATCH] avoid large alloca on Complex/Rational calls

Issue #9608 has been updated by Tomoyuki Chikanaga.

Backport changed from 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: REQUIRED to 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: DONE

Backported into `ruby_2_1` at r46612.

----------------------------------------
Bug #9608: [PATCH] avoid large alloca on Complex/Rational calls
https://bugs.ruby-lang.org/issues/9608#change-47446

* Author: Eric Wong
* Status: Closed
* Priority: Normal
* Assignee: tadayoshi funaba
* Category: core
* Target version: 
* ruby -v: ruby 2.2.0dev (2014-03-07 trunk 45281) [x86_64-linux]
* Backport: 1.9.3: UNKNOWN, 2.0.0: DONE, 2.1: DONE
----------------------------------------
* complex.c (parse_comp): replace ALLOCA_N with ALLOCV_N/ALLOCV_END
* rational.c (read_digits): ditto

This fixes segfaults on:

	Rational("1" * 16 * 1024 * 1024)
	Complex("1" * 16 * 1024 * 1024)

On my system where my stack size is only 8M.

tadf: Should we raise an exception on large string instead?
Large strings are slow to parse and could still be a DoS.


---Files--------------------------------
0001-avoid-large-alloca-on-Complex-Rational-calls.patch (1.86 KB)


-- 
https://bugs.ruby-lang.org/