ayae/extra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial import

Browse Source
This commit is contained in:
Astound
2025-06-22 20:39:04 -05:00
commit f8a70886f0
3428 changed files with 302546 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
ruby/CVE-2021-41816.patch Normal file
View File

@@ -0,0 +1,24 @@
From c728632c1c09d46cfd4ecbff9caaa3651dd1002a Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Fri, 3 Sep 2021 19:40:22 +0900
Subject: [PATCH] Fix integer overflow
Make use of the check in rb_alloc_tmp_buffer2.
https://hackerone.com/reports/1328463
---
ext/cgi/escape/escape.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/ext/cgi/escape/escape.c
+++ b/ext/cgi/escape/escape.c
@@ -36,7 +36,8 @@
optimized_escape_html(VALUE str)
{
VALUE vbuf;
- char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
+ typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
+ char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
const char *cstr = RSTRING_PTR(str);
const char *end = cstr + RSTRING_LEN(str);