* random.c (limited_big_rand): fix buffer overflow when SIZEOF_BDIGITS

is 2. fixed by Kenta Murata. [ruby-dev:33565] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15365 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-02-02 00:32:40 +00:00 · 2008-02-02 00:32:40 +00:00 · b5fdd1bd76
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+Sat Feb  2 09:28:36 2008  Tanaka Akira  <akr@fsij.org>
+
+	* random.c (limited_big_rand): fix buffer overflow when SIZEOF_BDIGITS
+	  is 2.  fixed by Kenta Murata.  [ruby-dev:33565]
+
 Fri Feb  1 21:42:37 2008  Nobuyoshi Nakada  <nobu@ruby-lang.org>

 	* configure.in (darwin): _XOPEN_SOURCE is necessary to make ucontext_t
--- a/random.c
+++ b/random.c
@ -385,12 +385,16 @@ limited_big_rand(struct RBignum *limit)
    val = (struct RBignum *)rb_big_clone((VALUE)limit);
    RBIGNUM_SET_SIGN(val, 1);
 #if SIZEOF_BDIGITS == 2
-# define BIG_GET32(big,i) (RBIGNUM_DIGITS(big)[(i)*2] | \
-                           ((i)*2+1 < RBIGNUM_DIGITS(big) ? (RBIGNUM_DIGITS(big)[(i)*2+1] << 16) \
-                                                 : 0))
-# define BIG_SET32(big,i,d) ((RBIGNUM_DIGITS(big)[(i)*2] = (d) & 0xffff), \
-                             ((i)*2+1 < RBIGNUM_DIGITS(big) ? (RBIGNUM_DIGITS(big)[(i)*2+1] = (d) >> 16) \
-                                                   : 0))
+# define BIG_GET32(big,i) \
+    (RBIGNUM_DIGITS(big)[(i)*2] | \
+     ((i)*2+1 < RBIGNUM_LEN(big) ? \
+      (RBIGNUM_DIGITS(big)[(i)*2+1] << 16) : \
+      0))
+# define BIG_SET32(big,i,d) \
+    ((RBIGNUM_DIGITS(big)[(i)*2] = (d) & 0xffff), \
+     ((i)*2+1 < RBIGNUM_LEN(big) ? \
+      (RBIGNUM_DIGITS(big)[(i)*2+1] = (d) >> 16) : \
+      0))
 #else
    /* SIZEOF_BDIGITS == 4 */
 # define BIG_GET32(big,i) (RBIGNUM_DIGITS(big)[i])