[前][次][番号順一覧][スレッド一覧]

ruby-changes:38377

From: glass <ko1@a...>
Date: Sun, 10 May 2015 11:49:07 +0900 (JST)
Subject: [ruby-changes:38377] glass:r50458 (trunk): * string.c (rb_str_crypt): Raise ArgumentError when

glass	2015-05-10 11:49:01 +0900 (Sun, 10 May 2015)

  New Revision: 50458

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=50458

  Log:
    * string.c (rb_str_crypt): Raise ArgumentError when
      string passed to String#crypt contains null.
      the patch is from jrusnack <jrusnack at redhat.com>.
      [Bug #10988] [fix GH-853]
    
    * test/ruby/test_string.rb: test for above.

  Modified files:
    trunk/ChangeLog
    trunk/string.c
    trunk/test/ruby/test_string.rb
Index: ChangeLog
===================================================================
--- ChangeLog	(revision 50457)
+++ ChangeLog	(revision 50458)
@@ -1,3 +1,12 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1
+Sun May 10 11:44:37 2015  Masaki Matsushita <glass.saga@g...>
+
+	* string.c (rb_str_crypt): Raise ArgumentError when
+	  string passed to String#crypt contains null.
+	  the patch is from jrusnack <jrusnack at redhat.com>.
+	  [Bug #10988] [fix GH-853]
+
+	* test/ruby/test_string.rb: test for above.
+
 Sun May 10 11:23:03 2015  Masaki Matsushita <glass.saga@g...>
 
 	* enum.c (enum_to_a): Use size to set array capa when possible.
Index: string.c
===================================================================
--- string.c	(revision 50457)
+++ string.c	(revision 50458)
@@ -7711,8 +7711,7 @@ rb_str_crypt(VALUE str, VALUE salt) https://github.com/ruby/ruby/blob/trunk/string.c#L7711
 	rb_raise(rb_eArgError, "salt too short (need >=2 bytes)");
     }
 
-    s = RSTRING_PTR(str);
-    if (!s) s = "";
+    s = StringValueCStr(str);
     saltp = RSTRING_PTR(salt);
     if (!saltp[0] || !saltp[1]) goto short_salt;
 #ifdef BROKEN_CRYPT
Index: test/ruby/test_string.rb
===================================================================
--- test/ruby/test_string.rb	(revision 50457)
+++ test/ruby/test_string.rb	(revision 50458)
@@ -507,6 +507,7 @@ class TestString < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_string.rb#L507
     assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
     assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
     assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
+    assert_raise(ArgumentError) {S("poison\u0000null").crypt(S("aa"))}
     [Encoding::UTF_16BE, Encoding::UTF_16LE,
      Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc|
       assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))}

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]