ruby-changes:6356
From: matz <ko1@a...>
Date: Fri, 4 Jul 2008 19:29:28 +0900 (JST)
Subject: [ruby-changes:6356] Ruby:r17872 (ruby_1_8): * ext/dl/dl.c (rb_str_to_ptr): should propagate taint to dlptr.
matz 2008-07-04 19:29:14 +0900 (Fri, 04 Jul 2008)
New Revision: 17872
Modified files:
branches/ruby_1_8/ChangeLog
branches/ruby_1_8/ext/dl/dl.c
branches/ruby_1_8/ext/dl/sym.c
Log:
* ext/dl/dl.c (rb_str_to_ptr): should propagate taint to dlptr.
* ext/dl/dl.c (rb_ary_to_ptr): ditto.
* ext/dl/sym.c (rb_dlsym_call): should check taint of DLPtrData as
well.
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17872
Index: ruby_1_8/ext/dl/dl.c
===================================================================
--- ruby_1_8/ext/dl/dl.c (revision 17871)
+++ ruby_1_8/ext/dl/dl.c (revision 17872)
@@ -522,12 +522,15 @@
{
char *ptr;
int len;
+ VALUE p;
len = RSTRING(self)->len;
ptr = (char*)dlmalloc(len + 1);
memcpy(ptr, RSTRING(self)->ptr, len);
ptr[len] = '\0';
- return rb_dlptr_new((void*)ptr,len,dlfree);
+ p = rb_dlptr_new((void*)ptr,len,dlfree);
+ OBJ_INFECT(p, self);
+ return p;
}
VALUE
@@ -545,7 +548,12 @@
ptr = rb_ary2cary(0, self, &size);
break;
}
- return ptr ? rb_dlptr_new(ptr, size, dlfree) : Qnil;
+ if (ptr) {
+ VALUE p = rb_dlptr_new(ptr, size, dlfree);
+ OBJ_INFECT(p, self);
+ return p;
+ }
+ return Qnil;
}
VALUE
@@ -563,7 +571,7 @@
VALUE
rb_dl_dlopen(int argc, VALUE argv[], VALUE self)
{
- rb_secure(4);
+ rb_secure(2);
return rb_class_new_instance(argc, argv, rb_cDLHandle);
}
Index: ruby_1_8/ext/dl/sym.c
===================================================================
--- ruby_1_8/ext/dl/sym.c (revision 17871)
+++ ruby_1_8/ext/dl/sym.c (revision 17872)
@@ -492,6 +492,7 @@
rb_raise(rb_eDLTypeError, "unexpected type of argument #%d", i);
}
}
+ rb_check_safe_obj(pval);
Data_Get_Struct(pval, struct ptr_data, data);
ANY2P(args[i]) = DLVOIDP(data->ptr);
}
Index: ruby_1_8/ChangeLog
===================================================================
--- ruby_1_8/ChangeLog (revision 17871)
+++ ruby_1_8/ChangeLog (revision 17872)
@@ -31,6 +31,15 @@
* ext/win32ole/tests/testWIN32OLE.rb(test_convert_bignum):
fix test.
+Thu Jul 3 19:17:16 2008 Yukihiro Matsumoto <matz@r...>
+
+ * ext/dl/dl.c (rb_str_to_ptr): should propagate taint to dlptr.
+
+ * ext/dl/dl.c (rb_ary_to_ptr): ditto.
+
+ * ext/dl/sym.c (rb_dlsym_call): should check taint of DLPtrData as
+ well.
+
Thu Jul 3 16:46:56 2008 Tanaka Akira <akr@f...>
* include/ruby/ruby.h (POSFIXABLE): use FIXNUM_MAX+1 instead of
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/