ruby-changes:38377
From: glass <ko1@a...>
Date: Sun, 10 May 2015 11:49:07 +0900 (JST)
Subject: [ruby-changes:38377] glass:r50458 (trunk): * string.c (rb_str_crypt): Raise ArgumentError when
glass 2015-05-10 11:49:01 +0900 (Sun, 10 May 2015) New Revision: 50458 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=50458 Log: * string.c (rb_str_crypt): Raise ArgumentError when string passed to String#crypt contains null. the patch is from jrusnack <jrusnack at redhat.com>. [Bug #10988] [fix GH-853] * test/ruby/test_string.rb: test for above. Modified files: trunk/ChangeLog trunk/string.c trunk/test/ruby/test_string.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 50457) +++ ChangeLog (revision 50458) @@ -1,3 +1,12 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sun May 10 11:44:37 2015 Masaki Matsushita <glass.saga@g...> + + * string.c (rb_str_crypt): Raise ArgumentError when + string passed to String#crypt contains null. + the patch is from jrusnack <jrusnack at redhat.com>. + [Bug #10988] [fix GH-853] + + * test/ruby/test_string.rb: test for above. + Sun May 10 11:23:03 2015 Masaki Matsushita <glass.saga@g...> * enum.c (enum_to_a): Use size to set array capa when possible. Index: string.c =================================================================== --- string.c (revision 50457) +++ string.c (revision 50458) @@ -7711,8 +7711,7 @@ rb_str_crypt(VALUE str, VALUE salt) https://github.com/ruby/ruby/blob/trunk/string.c#L7711 rb_raise(rb_eArgError, "salt too short (need >=2 bytes)"); } - s = RSTRING_PTR(str); - if (!s) s = ""; + s = StringValueCStr(str); saltp = RSTRING_PTR(salt); if (!saltp[0] || !saltp[1]) goto short_salt; #ifdef BROKEN_CRYPT Index: test/ruby/test_string.rb =================================================================== --- test/ruby/test_string.rb (revision 50457) +++ test/ruby/test_string.rb (revision 50458) @@ -507,6 +507,7 @@ class TestString < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_string.rb#L507 assert_raise(ArgumentError) {S("mypassword").crypt(S(""))} assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))} assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))} + assert_raise(ArgumentError) {S("poison\u0000null").crypt(S("aa"))} [Encoding::UTF_16BE, Encoding::UTF_16LE, Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc| assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))} -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/