parse.y: string buffer (`tokbuf`) can overflow.

Check if `esclen` is smaller than `len` (original string length).
author: Yukihiro "Matz" Matsumoto <[email protected]> 2021-02-13 14:06:37 +0900
committer: Yukihiro "Matz" Matsumoto <[email protected]> 2021-02-13 14:06:37 +0900
commit: 94fb86f89b131814201596d301f584dfe4547526 (patch)
tree: 02ec7cfd84cf600196dd71f8de46f17cda59e7ec /mrbgems/mruby-compiler/core/y.tab.c
parent: adb50df71a4e5c45cdf9c626fb90f95ef2d10b13 (diff)
download: mruby-94fb86f89b131814201596d301f584dfe4547526.tar.gz
mruby-94fb86f89b131814201596d301f584dfe4547526.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/mrbgems/mruby-compiler/core/y.tab.c b/mrbgems/mruby-compiler/core/y.tab.c
index 6c7940a7b..0ba1c8d7f 100644
--- a/mrbgems/mruby-compiler/core/y.tab.c
+++ b/mrbgems/mruby-compiler/core/y.tab.c
@@ -10718,6 +10718,7 @@ heredoc_remove_indent(parser_state *p, parser_heredoc_info *hinf)
       start = 0;
       while (start < len) {
         end = escaped ? (size_t)escaped->car : len;
+        if (end > len) end = len;
         spaces = (size_t)nspaces->car;
         size_t esclen = end - start;
         heredoc_count_indent(hinf, str + start, esclen, spaces, &offset);
author	Yukihiro "Matz" Matsumoto <[email protected]>	2021-02-13 14:06:37 +0900
committer	Yukihiro "Matz" Matsumoto <[email protected]>	2021-02-13 14:06:37 +0900
commit	94fb86f89b131814201596d301f584dfe4547526 (patch)
tree	02ec7cfd84cf600196dd71f8de46f17cda59e7ec /mrbgems/mruby-compiler/core/y.tab.c
parent	adb50df71a4e5c45cdf9c626fb90f95ef2d10b13 (diff)
download	mruby-94fb86f89b131814201596d301f584dfe4547526.tar.gz mruby-94fb86f89b131814201596d301f584dfe4547526.zip