ruby-changes:8581
From: suke <ko1@a...>
Date: Thu, 6 Nov 2008 22:09:05 +0900 (JST)
Subject: [ruby-changes:8581] Ruby:r20115 (ruby_1_9_1): * ext/win32ole/win32ole.c (fole_s_connect, fole_initialize,
suke 2008-11-06 22:08:41 +0900 (Thu, 06 Nov 2008) New Revision: 20115 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=20115 Log: * ext/win32ole/win32ole.c (fole_s_connect, fole_initialize, folevariant_initialize): check argument type of WIN32OLE.connect, WIN32OLE.new, WIN32OLE_VARIANT.new. * test/win32ole/test_win32ole.rb (test_s_new_exc, test_s_connect_exc): ditto. * test/win32ole/test_win32ole_variant.rb (test_s_new_exc): ditto. * test/win32ole/test_win32ole_method.rb: add assertion of WIN32OLE_METHOD.new. Modified files: branches/ruby_1_9_1/ChangeLog branches/ruby_1_9_1/ext/win32ole/win32ole.c branches/ruby_1_9_1/test/win32ole/test_win32ole.rb branches/ruby_1_9_1/test/win32ole/test_win32ole_method.rb branches/ruby_1_9_1/test/win32ole/test_win32ole_variant.rb Index: ruby_1_9_1/ChangeLog =================================================================== --- ruby_1_9_1/ChangeLog (revision 20114) +++ ruby_1_9_1/ChangeLog (revision 20115) @@ -1,3 +1,17 @@ +Thu Nov 6 22:05:36 2008 Masaki Suketa <masaki.suketa@n...> + + * ext/win32ole/win32ole.c (fole_s_connect, fole_initialize, + folevariant_initialize): check argument type of WIN32OLE.connect, + WIN32OLE.new, WIN32OLE_VARIANT.new. + + * test/win32ole/test_win32ole.rb (test_s_new_exc, test_s_connect_exc): + ditto. + + * test/win32ole/test_win32ole_variant.rb (test_s_new_exc): ditto. + + * test/win32ole/test_win32ole_method.rb: add assertion of + WIN32OLE_METHOD.new. + Tue Nov 4 08:00:00 2008 TAKANO Mitsuhiro (takano32) <tak@n...> * test/zlib/test_zlib.rb(test_readchar): compare in same type. Index: ruby_1_9_1/ext/win32ole/win32ole.c =================================================================== --- ruby_1_9_1/ext/win32ole/win32ole.c (revision 20114) +++ ruby_1_9_1/ext/win32ole/win32ole.c (revision 20115) @@ -128,7 +128,7 @@ #define WC2VSTR(x) ole_wc2vstr((x), TRUE) -#define WIN32OLE_VERSION "1.3.8" +#define WIN32OLE_VERSION "1.3.9" typedef HRESULT (STDAPICALLTYPE FNCOCREATEINSTANCEEX) (REFCLSID, IUnknown*, DWORD, COSERVERINFO*, DWORD, MULTI_QI*); @@ -2733,6 +2733,7 @@ ole_initialize(); rb_scan_args(argc, argv, "1*", &svr_name, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Connection - %s", StringValuePtr(svr_name)); @@ -3220,11 +3221,13 @@ rb_call_super(0, 0); rb_scan_args(argc, argv, "11*", &svr_name, &host, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); } if (!NIL_P(host)) { + Check_SafeStr(host); if (rb_safe_level() > 0 && OBJ_TAINTED(host)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); @@ -8621,6 +8624,26 @@ } VariantInit(&var); val = rb_ary_entry(args, 0); + + if(!rb_obj_is_kind_of(val, cWIN32OLE) && + !rb_obj_is_kind_of(val, cWIN32OLE_VARIANT) && + !rb_obj_is_kind_of(val, rb_cTime)) { + switch (TYPE(val)) { + case T_ARRAY: + case T_STRING: + case T_FIXNUM: + case T_BIGNUM: + case T_FLOAT: + case T_TRUE: + case T_FALSE: + case T_NIL: + break; + default: + rb_raise(rb_eTypeError, "can not convert WIN32OLE_VARIANT from type %s", + rb_obj_classname(val)); + } + } + Data_Get_Struct(self, struct olevariantdata, pvar); if (len == 1) { ole_val2variant(val, &(pvar->var)); Index: ruby_1_9_1/test/win32ole/test_win32ole_variant.rb =================================================================== --- ruby_1_9_1/test/win32ole/test_win32ole_variant.rb (revision 20114) +++ ruby_1_9_1/test/win32ole/test_win32ole_variant.rb (revision 20115) @@ -18,6 +18,12 @@ assert_instance_of(WIN32OLE_VARIANT, obj) end + def test_s_new_exc + assert_raise(TypeError) { + WIN32OLE_VARIANT.new(/foo/) + } + end + def test_s_new_no_argument ex = nil begin Index: ruby_1_9_1/test/win32ole/test_win32ole_method.rb =================================================================== --- ruby_1_9_1/test/win32ole/test_win32ole_method.rb (revision 20114) +++ ruby_1_9_1/test/win32ole/test_win32ole_method.rb (revision 20115) @@ -24,6 +24,9 @@ def test_initialize ole_type = WIN32OLE_TYPE.new("Microsoft Shell Controls And Automation", "Shell") + assert_raise(TypeError) { + WIN32OLE_METHOD.new(1, 2) + } assert_raise(ArgumentError) { method = WIN32OLE_METHOD.new("foo") } Index: ruby_1_9_1/test/win32ole/test_win32ole.rb =================================================================== --- ruby_1_9_1/test/win32ole/test_win32ole.rb (revision 20114) +++ ruby_1_9_1/test/win32ole/test_win32ole.rb (revision 20115) @@ -153,6 +153,15 @@ assert_instance_of(WIN32OLE, @dict2) end + def test_s_new_exc + assert_raise(TypeError) { + WIN32OLE.new(1) + } + assert_raise(TypeError) { + WIN32OLE.new("Scripting.Dictionary", 1) + } + end + def test_s_new_DCOM rshell = WIN32OLE.new("Shell.Application") assert_instance_of(WIN32OLE, rshell) @@ -172,6 +181,12 @@ assert_instance_of(WIN32OLE, obj) end + def test_s_connect_exc + assert_raise(TypeError) { + WIN32OLE.connect(1) + } + end + def test_invoke_accept_symbol_hash_key fso = WIN32OLE.new('Scripting.FileSystemObject') afolder = fso.getFolder(".") -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/