Check dump size in ibf_dump_write

sferik · nobu · commit 49c138c18b2f · 2025-06-28T09:45:18.000+09:00
diff --git a/compile.c b/compile.c
@@ -12602,8 +12602,13 @@ static ibf_offset_t
 ibf_dump_write(struct ibf_dump *dump, const void *buff, unsigned long size)
 {
     ibf_offset_t pos = ibf_dump_pos(dump);
+#if SIZEOF_LONG > SIZEOF_INT
+    /* ensure the resulting dump does not exceed UINT_MAX */
+    if (size >= UINT_MAX || pos + size >= UINT_MAX) {
+        rb_raise(rb_eRuntimeError, "dump size exceeds");
+    }
+#endif
     rb_str_cat(dump->current_buffer->str, (const char *)buff, size);
-    /* TODO: overflow check */
     return pos;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -12602,8 +12602,13 @@ static ibf_offset_t`
`12602`	`12602`	`ibf_dump_write(struct ibf_dump dump, const void buff, unsigned long size)`
`12603`	`12603`	`{`
`12604`	`12604`	`ibf_offset_t pos = ibf_dump_pos(dump);`
	`12605`	`+#if SIZEOF_LONG > SIZEOF_INT`
	`12606`	`+ /* ensure the resulting dump does not exceed UINT_MAX */`
	`12607`	`+ if (size >= UINT_MAX \|\| pos + size >= UINT_MAX) {`
	`12608`	`+ rb_raise(rb_eRuntimeError, "dump size exceeds");`
	`12609`	`+ }`
	`12610`	`+#endif`
`12605`	`12611`	`rb_str_cat(dump->current_buffer->str, (const char *)buff, size);`
`12606`		`- /* TODO: overflow check */`
`12607`	`12612`	`return pos;`
`12608`	`12613`	`}`
`12609`	`12614`