Segmentation Fault: library should check for data length and raise

Question

Segmentation Fault: library should check for data length and raise

Closed this issue 13 years ago · 2 comments

I think there is no bound checking somewhere in your C code, because if I pass too much data to the encode method I get a segmentation fault in 1.3.4

Minimal sample to reproduce: https://gist.github.com/1049889

This could be a big problem in a web app because it takes down the whole server process.

Answer 1 · 2011-06-28T13:45:29.000Z

This should be fixed as of this commit: 845b489f2caacdd700c1

I'll try to get a release out soon.

Answer 2 · 2011-06-28T18:21:17.000Z

Yes, it does solve the problem. I tried it installing your gem from github and now my example raise an ArgumentError