From 30fe3f5d4b1b2d049c5557f98d4d5addf7bc3dfe Mon Sep 17 00:00:00 2001
From: cubicdaiya <cubicdaiya@gmail.com>
Date: Fri, 28 Feb 2014 01:30:09 +0900
Subject: fix SEGV bug for mrb_str_new

mrb_str_new causes seg-fault when 3rd argument is negative.
---
 src/string.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src')

diff --git a/src/string.c b/src/string.c
index 719be3ff5..8a9ed8a24 100644
--- a/src/string.c
+++ b/src/string.c
@@ -216,6 +216,9 @@ mrb_value
 mrb_str_new(mrb_state *mrb, const char *p, size_t len)
 {
   struct RString *s;
+  if ((mrb_int)len < 0) {
+    mrb_raise(mrb, E_ARGUMENT_ERROR, "negative string size (or size too big)");
+  }
 
   s = str_new(mrb, p, len);
   return mrb_obj_value(s);
-- 
cgit v1.2.3