ruby-changes:50785
From: nobu <ko1@a...>
Date: Wed, 28 Mar 2018 19:09:03 +0900 (JST)
Subject: [ruby-changes:50785] nobu:r62991 (trunk): unixsocket.c: check NUL bytes
nobu 2018-03-28 19:08:57 +0900 (Wed, 28 Mar 2018) New Revision: 62991 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=62991 Log: unixsocket.c: check NUL bytes * ext/socket/unixsocket.c (rsock_init_unixsock): check NUL bytes. https://hackerone.com/reports/302997 Modified files: trunk/ext/socket/unixsocket.c trunk/test/socket/test_unix.rb Index: test/socket/test_unix.rb =================================================================== --- test/socket/test_unix.rb (revision 62990) +++ test/socket/test_unix.rb (revision 62991) @@ -284,6 +284,16 @@ class TestSocket_UNIXSocket < Test::Unit https://github.com/ruby/ruby/blob/trunk/test/socket/test_unix.rb#L284 File.unlink path if path && File.socket?(path) end + def test_open_nul_byte + tmpfile = Tempfile.new("s") + path = tmpfile.path + tmpfile.close(true) + assert_raise(ArgumentError) {UNIXServer.open(path+"\0")} + assert_raise(ArgumentError) {UNIXSocket.open(path+"\0")} + ensure + File.unlink path if path && File.socket?(path) + end + def test_addr bound_unix_socket(UNIXServer) {|serv, path| UNIXSocket.open(path) {|c| Index: ext/socket/unixsocket.c =================================================================== --- ext/socket/unixsocket.c (revision 62990) +++ ext/socket/unixsocket.c (revision 62991) @@ -33,7 +33,7 @@ rsock_init_unixsock(VALUE sock, VALUE pa https://github.com/ruby/ruby/blob/trunk/ext/socket/unixsocket.c#L33 int fd, status; rb_io_t *fptr; - SafeStringValue(path); + FilePathValue(path); INIT_SOCKADDR_UN(&sockaddr, sizeof(struct sockaddr_un)); if (sizeof(sockaddr.sun_path) < (size_t)RSTRING_LEN(path)) { -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/