authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-06-12 01:04:31 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-06-12 01:04:31 +0000
commitebee52769993bb3ba0d308ee77cc08785a66df7c (patch)
treef45da8c83a2187a649bdf60e7be4c2a1ddec6a3c
parent52ae6c71b51cedebcc70da1c96524b1b6cd20f10 (diff)
* io.c (rb_f_syscall): should check argument string taint before
invoking system calls. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@28294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog5
-rw-r--r--io.c2
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index e94661fc3d..030fbf3cd9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sat Jun 12 10:02:26 2010 Yukihiro Matsumoto <[email protected]>
+
+ * io.c (rb_f_syscall): should check argument string taint before
+ invoking system calls.
+
Thu Jun 10 14:45:28 2010 KOSAKI Motohiro <[email protected]>
* ext/dl/dl.c (rb_dl_strdup): strdup() only allocates a buffer of
diff --git a/io.c b/io.c
index 3adca313a5..f7f17c85fb 100644
--- a/io.c
+++ b/io.c
@@ -5250,7 +5250,7 @@ rb_f_syscall(argc, argv)
VALUE v = rb_check_string_type(*argv);
if (!NIL_P(v)) {
- StringValue(v);
+ SafeStringValue(v);
rb_str_modify(v);
arg[i] = (unsigned long)StringValueCStr(v);
}
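Review bot: The switch to `SafeStringValue(v)` in the string branch carries no comment explaining why the taint check belongs here, so a later cleanup could quietly revert it to `StringValue`. I would add `/* reject tainted strings: the buffer address is handed straight to the system call */` directly above the call. As far as I know the macro only raises when the safe level is above zero, and it is reached only for arguments that `rb_check_string_type` converts to a string, so that scope is worth stating in the comment too. rb_f_syscall begins and ends outside this hunk, so whether the non-string arguments need a guard of their own cannot be judged from here. No test accompanies the change; one that passes a tainted string at a raised safe level and expects SecurityError would pin the behaviour.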