Ruby vulnerability: heap corruption in DateTime.strftime() on 32 bit for certain format strings

Response by Ruby team: “severe but usual bug, not a vulnerability.”
Fixed in

Setting a very high precision in the date_strftime_with_tmx() function,
the following check (in the STRFTIME macro in date_strftime.c) will not
work as expected if s >= 0x80000000.

124         if (start + maxsize < s + precision) {          \
125             errno = ERANGE;                 \
126             return 0;                       \
127         }

This code causes a crash on my 32 bit system:

require 'date'"%2147483647c")

64 bit is probably not affected (technically possible, but

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.