ruby-changes:16323
From: matz <ko1@a...>
Date: Sat, 12 Jun 2010 10:08:54 +0900 (JST)
Subject: [ruby-changes:16323] Ruby:r28296 (trunk): * io.c (rb_f_syscall): should check argument string taint before
matz 2010-06-12 10:05:20 +0900 (Sat, 12 Jun 2010) New Revision: 28296 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=28296 Log: * io.c (rb_f_syscall): should check argument string taint before invoking system calls. Modified files: trunk/ChangeLog trunk/io.c Index: ChangeLog =================================================================== --- ChangeLog (revision 28295) +++ ChangeLog (revision 28296) @@ -1,3 +1,8 @@ +Sat Jun 12 10:02:26 2010 Yukihiro Matsumoto <matz@r...> + + * io.c (rb_f_syscall): should check argument string taint before + invoking system calls. + Sat Jun 12 09:18:31 2010 Yukihiro Matsumoto <matz@r...> * variable.c (uninitialized_constant): process through Index: io.c =================================================================== --- io.c (revision 28295) +++ io.c (revision 28296) @@ -7520,7 +7520,7 @@ VALUE v = rb_check_string_type(*argv); if (!NIL_P(v)) { - StringValue(v); + SafeStringValue(v); rb_str_modify(v); arg[i] = (unsigned long)StringValueCStr(v); } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/