From 8336072e865d9fbe03645b95ab2ea37d84ecd65d Mon Sep 17 00:00:00 2001
From: cubicdaiya <cubicdaiya@gmail.com>
Date: Fri, 28 Feb 2014 02:07:09 +0900
Subject: fix SEGV bug for mrb_str_new_static

mrb_str_new_static causes seg-fault when 3rd argument is negative.
---
 src/string.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/string.c')

diff --git a/src/string.c b/src/string.c
index 8a9ed8a24..aa1afec47 100644
--- a/src/string.c
+++ b/src/string.c
@@ -256,6 +256,9 @@ mrb_value
 mrb_str_new_static(mrb_state *mrb, const char *p, size_t len)
 {
   struct RString *s;
+  if ((mrb_int)len < 0) {
+    mrb_raise(mrb, E_ARGUMENT_ERROR, "negative string size (or size too big)");
+  }
 
   s = mrb_obj_alloc_string(mrb);
   s->len = len;
-- 
cgit v1.2.3