Hacker News new | ask | show | jobs
by c3 4585 days ago
It seems to be a fairly simple patch for 1.8 series, too:

    https://bugs.ruby-lang.org/projects/ruby-193/repository/revisions/43776
just a few lines truncating input in util.c.

Break your ruby here:

    JSON.parse("[1."+"1"*300000+"]")
1 comments
c3 4585 days ago
update: I just tested this; if you're on 1.8.7, you can manually apply the patch I linked in the parent comment and recompile. There is nothing preventing a backport.
link
darkhelmetlive 4585 days ago
There's also a commit right after the merge commit to change

  if (nf > DBL_DIG * 2) continue;
to

  if (nf > DBL_DIG * 4) continue;
link