Bug#730189: ruby1.8: CVE-2013-4164

Thu, 28 Nov 2013 03:48:49 -0800 

  The patches seem to work successfully for me:

  * The test-suite that runs at compile-time still passes.
 
  * The reproducer stops segfaulting.

  The reproducer I'm using is:

--
#!/usr/bin/ruby1.8
require 'json'
JSON.parse("[1."+"1"*300000+"]")
--

Steve
-- 
http://www.steve.org.uk/

Reply via email to