From b4bf968ad52afe14e60a2dc8a95d3555c543353a Mon Sep 17 00:00:00 2001
From: "K.Kosako" <kosako@sofnec.co.jp>
Date: Thu, 18 May 2017 17:05:27 +0900
Subject: [PATCH] fix #55 : check too big code point value for single byte
 value in next_state_val()

---
 regparse.c |    3 +++
 1 file changed, 3 insertions(+)

--- end of original header

CVE: CVE-2017-9226

Add check for octal number bigger than 255.

Upstream-Status: Pending
Signed-off-by: Joe Slater <joe.slater@windriver.com>


--- ruby-2.4.1.orig/regparse.c
+++ ruby-2.4.1/regparse.c
@@ -4450,6 +4450,9 @@ next_state_val(CClassNode* cc, CClassNod
   switch (*state) {
   case CCS_VALUE:
     if (*type == CCV_SB) {
+      if (*from > 0xff)
+          return ONIGERR_INVALID_CODE_POINT_VALUE;
+
       BITSET_SET_BIT_CHKDUP(cc->bs, (int )(*from));
       if (IS_NOT_NULL(asc_cc))
 	BITSET_SET_BIT(asc_cc->bs, (int )(*from));