ruby-changes:8539
From: matz <ko1@a...>
Date: Fri, 31 Oct 2008 13:40:10 +0900 (JST)
Subject: [ruby-changes:8539] Ruby:r20072 (ruby_1_8): * dir.c (dir_globs): need taint check. reported by steve
matz 2008-10-31 13:39:57 +0900 (Fri, 31 Oct 2008) New Revision: 20072 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=20072 Log: * dir.c (dir_globs): need taint check. reported by steve <oksteev at gmail.com> Modified files: branches/ruby_1_8/ChangeLog branches/ruby_1_8/dir.c Index: ruby_1_8/ChangeLog =================================================================== --- ruby_1_8/ChangeLog (revision 20071) +++ ruby_1_8/ChangeLog (revision 20072) @@ -1,3 +1,8 @@ +Fri Oct 31 12:51:25 2008 Yukihiro Matsumoto <matz@r...> + + * dir.c (dir_globs): need taint check. reported by steve + <oksteev at gmail.com> + Wed Oct 29 11:50:57 2008 Nobuyoshi Nakada <nobu@r...> * configure.in (dln-a-out): cannot make shared library nor work with Index: ruby_1_8/dir.c =================================================================== --- ruby_1_8/dir.c (revision 20071) +++ ruby_1_8/dir.c (revision 20072) @@ -1660,7 +1660,7 @@ for (i = 0; i < argc; ++i) { int status; VALUE str = argv[i]; - StringValue(str); + SafeStringValue(str); status = push_glob(ary, RSTRING(str)->ptr, flags); if (status) GLOB_JUMP_TAG(status); } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/